DuckDuckGo Search Engine Erects Tor Hidden Service

An anonymous reader writes "Viewable with Tor installed, search engine DuckDuckGo has erected a hidden service for secure, encrypted searches through the Tor network. While past attempts at hidden service search engines failed due to uptime or quality issues, DuckDuckGo marks the first time a real company operating a public search engine has offered a solid search engine as a hidden service for Tor users."

Beavis & Butthead

[KingAlanI]

Hidden erection ... hurr hurr hurr

GoodLuckWithThat

[rrohbeck]

How long until it's going to be shut down because you can find nasty bits with it?

Re:GoodLuckWithThat

[adamofgreyskull]

"Nasty bits"? Do you mean 1s or 0s?

Re:GoodLuckWithThat

[Greyfox]

Oh right, like you can't find nasty bits with a regular search engine. Here, allow me to illustrate. *rolls up sleeves* Oh, Google!
Clown Porn
Dolphin Sex
Live goat porn
Smurf Sex
iranian leader Ahmadinejad gets a dirty sanchez... DOH! You have failed me, Google! Go now and think about what you've done!

So you see, you don't need Tor to find some nasty shit on the Internet. You just need one of those pink things between your ears.

Re:GoodLuckWithThat

[Jah-Wren+Ryel]

"Nasty bits"? Do you mean 1s or 0s?

Those are the other bits in the same mask as the evil bit - they are just less significant.

Re:GoodLuckWithThat

[julesh]

How long until it's going to be shut down because you can find nasty bits with it?

How would somebody go about shutting it down?

Re:GoodLuckWithThat

[beckerist]

I can't wait for that last one to show up in Google Trends.

Re:GoodLuckWithThat

Smurf Sex? Has the special edition of Avatar leaked allready?

Re:GoodLuckWithThat

[SudoGhost]

Well, unlike other TOR servers, where anonymity hides the server's location, it's pretty obvious who's hosting this server. The Government would just be like "Hey...stop it."

That's how.

Re:GoodLuckWithThat

[Greyfox]

For that, I'd suggest googling on "Avatar Navi Homoerotic Fanfic". If you're more of a giant robots fan, "Transformers homoerotic fanfic".

Re:GoodLuckWithThat

[julesh]

Well, unlike other TOR servers, where anonymity hides the server's location, it's pretty obvious who's hosting this server. The Government would just be like "Hey...stop it."

That's how.

And all they have to do is leak their database and TOR configuration files, and suddenly anyone can run it, and seamlessly for anyone using the TOR service URL. And as long as they lay the groundwork in advance, they can even deny having done it: an appropriate rootkit on their server should suffice to cast doubt on any evidence against them.

Re:GoodLuckWithThat

[mseidl]

Bytes Gone Wild! When bytes expose their naughty bits! Not suitable for people under 18 or Ruby users.

Re:GoodLuckWithThat

[cheros]

*Applaus*

Congratulations, that was one of the funniest debunks I've seen in a while here. LOL..

Re:GoodLuckWithThat

[Rhaban]

"Nasty bits"? Do you mean 1s or 0s?

1s into 0s

Re:GoodLuckWithThat

[arndawg]

That would be 1010011010

Re:GoodLuckWithThat

I love to think about those poor people who still have link preloading turned on in cases like this, really lights up my day.

Re:GoodLuckWithThat

[Eponymous+Bastard]

More like 2s

I mean, that's just unnatural.

Re:GoodLuckWithThat

[John+Hasler]

DuckDuckGo is located in the USA, not in Europe.

Re:GoodLuckWithThat

More to the point, is Tor usable now? Last I checked it was so slow it was largely unusable. And now I see (further down in the comments) that its principle feature, anonymity, has been compromised by the USGov anyway.

Re:GoodLuckWithThat

[Nyder]

I noticed you said regular search engine, then just used google.

Is that the only regular search engine?

Re:GoodLuckWithThat

couldn't get it to fit

So who is really behind this search engine?

Which is it?

NSA?
CIA?
FBI?

All of the above?

Which of the social policing groups (with some Acronym name) do we have to thank for this search engine service?

Re:So who is really behind this search engine?

[joe_garage]

nah - this smacks of the Ohio State Police

Re:So who is really behind this search engine?

[leuk_he]

Those are far more interested in tor exit nodes.

1. They think those are the people who look up material that illegal
2. Running a sniffer on a tor exit node gives all kind of traffic that is anonymous, but not encrypted.

Re:So who is really behind this search engine?

[tepples]

Running a sniffer on a tor exit node gives all kind of traffic that is anonymous, but not encrypted.

Doesn't HTTPS work over Tor? Oh wait, plenty of hobbyist sites don't have a TLS certificate to begin with, and a lot of sites (such as Slashdot) save CPU time by redirecting all HTTPS URLs to the corresponding HTTP URL except for payment pages.

Re:So who is really behind this search engine?

[yegg]

I'm behind it: http://ye.gg/

Fail.

"This site requires JavaScript"

How stupid is that, for a Tor hidden service? Sure, it may well provide "secure, encrypted searches", but there's going to be no guarantee of privacy for so long as it demands script active to function.

How is this better than using any other search engine via Tor? At least Google/Scroogle/Ixquick/[many others] don't require script to perform such a very basic task, so at least with those I can feel confident about retaining my privacy, in addition to performing similarly secure, encrypted searches.

Re:Fail.

[jack2000]

They just want to discover your real ip, hence the javascript.

Re:Fail.

[rve]

You're an idiot. Stop posting.

Re:Fail.

"How stupid is that, for a Tor hidden service?"

relax, it's new. let's all provide feedback to the admin of the site with the suggestion of improving it by disabling javascript for the hidden service. the tor website has extensive documentation about hidden services if you don't know what they are, go read. irc for tor devs and users: irc.oftc.net #tor

duckduckgo hidden service had a topic on the Tor mailinglist (or-talk) public may read and subscribe to these at Tor's website, click on "Docs" at the top, scroll down, subscribe to tor users or-talk.

the only failure I see here is proper communication through proper channels. did you write to the duckduckgo admin?

duckduckgo provides a free hidden service and could use a few tweaks but instead a coward moans, "fail." let's see you provide something better, quicker, without anyone quipping at your initial trials.

"How is this better than using any other search engine via Tor? At least Google/Scroogle/Ixquick/[many others] don't require script to perform such a very basic task"

do you understand how a hidden service works? searching google directly while using tor is often a useless venture, shooting you to a captcha page which often doesn't work even when you type and retype the same captcha. scroogle only recently wised up and began referring tor users to their SSL enabled page. how many other established search engines do you personally know of offering a free tor hidden service? zero according to my research.

ssl certs are often duped through tor, i'd trust a hidden service over ssl certs through tor. accessing a site using ssl does have some pitfalls, research browser tech and ssl repeat visits and what, if any, the browser spills about you with repeat visits.

it's new, it's free, it's unique, have a grain of patience and offer something constructive rather than honking the fail horn, anybody can do that and it requires no effort.

Re:Fail.

[CarpetShark]

Why is that? Because you don't get why a Turing-complete language with internet access could be a security threat?

Re:Fail.

Well, it also gives results without javascript. I also first thought it gives no results at all, until I realized it just knows no results for most queries (even for stuff where google finds more than 50000).

Re:Fail.

[TheRaven64]

did you write to the duckduckgo admin?

I've been using DDG as my main search engine for a few months, and this is well worth doing. I've used the feedback link a couple of times, to report cases where the search results are poor or there's a glitch in the UI, and both times I've had a speedy reply and the issue has been fixed.

Of course, this might mean that I'm the only person using DDG, but I hope not. They have a very good privacy policy and a much better UI than any of the other search engines that I've tried.

I used Clusty for a bit, because I liked how they presented the results (DDG actually does something similar for disambiguation), but their index was so small that I kept giving up and going back to Google. DDG has a link to the Google search at the end of their results - I've only clicked on it a couple of times, and in both cases I've also failed to find anything useful with Google.

Re:Fail.

[TheRaven64]

Example? As I said in an earlier post, I've been using DDG for a while and found it results helpful. There have been a few cases where DDG has only returned a dozen or so results and Google has returned thousands, but I got bored looking through the Google ones after four pages with nothing relevant. Oh, and if you do have JavaScript, you don't have to click on the next page link with DDG - it automatically fetches the next set of results when you scroll to the bottom of the page.

Re:Fail.

[julesh]

Why is that? Because you don't get why a Turing-complete language with internet access could be a security threat?

It's only a security threat if you can't trust the site that the programs are originating from. Sure, this search engine *may* be able to dump a tracking code into their output and therefore break the TOR privacy[1], but you have to ask how likely to happen is this? And my answer: very unlikely.

[1] Doing so is, however, hard, an not even obviously possible: the identifying information javascript can access is rather limited, and it doesn't provide any means of bypassing your outgoing proxy server, so I don't *think* there's anything it can get access to that's damaging. It can identify your web browser and operating system, which is info you might be stripping out of HTTP requests with (e.g.) privoxy. It is also be able to list your browser plugins and their versions. Except in very unusual circumstances, I don't think we're talking enough information to identify an individual. And people in those circumstances ought to understand them well enough to be able to avoid the problem (we're basically talking people with custom browser builds, or private browser plugins).

Re:Fail.

[TheRaven64]

the identifying information javascript can access is rather limited

Unfortunately, this is entirely wrong. For example, JavaScript can get your browser version, list of installed plugins, and whether you have visited certain sites quite easily. There are also a number of other things that you can do with JS to aid tracking.

You can get some of this information without JS, of course, for example by providing various object or embed tags and seeing which ones are fetched.

Of course, just because it's possible doesn't mean that DDG does it. They don't even use tracking information in their preferences cookie (unlike Google) - they just contain a simple preferences string so all users with the same preferences have identical cookies. And they don't leave any cookie unless you modify the preferences.

Re:Fail.

[icebraining]

Oh, and if you do have JavaScript, you don't have to click on the next page link with DDG - it automatically fetches the next set of results when you scroll to the bottom of the page.

I have the Autopager extension, which does the same for Google and a whole lot of other websites - and I don't need to give JS permissions to the website in question :)

Re:Fail.

[arndawg]

The internet is only insecure if you don't trust the internet. Come one everybody. Let's trust the internet and share the love.

Re:Fail.

[drinkypoo]

It's only a security threat if you can't trust the site that the programs are originating from.

That's right. And I don't trust it. I only want to use a privacy network that works even if I don't trust all the participants.

Re:Fail.

[yegg]

A non-JS version is imminent.

Re:Fail.

My leaving feedback here was sufficient, no need to waste my time seeking out other means.

I'm a 'coward' as you call it because that's the name Slashdot chooses to give to anonymous posters. Nothing new about that. I post anonymously because I don't have an account here, nor do I want one.

I could potentially provide something better myself, a functional search service with privacy, security and anonymity as a stated objective, but I have little interest in doing so. I do respect that someone has taken the time to create a service like this, but still, I won't be limiting my reaction to that service if the provider is indeed interested in honest feedback about it.

Yes, I do understand to some degree how Tor hidden services work. What differentiates a hidden service from a more typical online service is that the service provider itself may remain anonymous. This is a system that allows for controversial such services to exist due to the protection afforded by the chain of relays that separate host and user.

Google doesn't always work well with Tor due to their script detection system identifying Tor exits as potential abuse of the service due to the popularity of searches it receives from a limited number of IP addresses.

Scroogle has a decent Tor policy, though its redirection to the HTTPS service should not be considered as something that will protect your privacy/anonymity. Use of HTTPS may well prevent middlemen from monitoring your searching habits via Tor exits, but Scroogle itself is still a middleman that cannot be trusted, along with the Google service it queries. For this reason you should NEVER put any personally-identifying information into a search field that you are not comfortable with people knowing. Tor, DuckDuckGo, Scroogle, nor HTTPS in general will protect you here. Use of the DuckDuckGo hidden service provides no additional privacy/security over other popular search engine services short of the extra hops separating the user-host (3 during typical Tor usage, 6 (iirc) for hidden services). The fact that the DuckDuckGo service itself states to require script in order to function is actually to its detriment by comparison.

I take my hat off to those that did take the time to create the service, absolutely, so don't think that I don't appreciate the effort. I will admit to being disappointed at seeing the script requirement though given the common knowledge of the danger of script use over privacy/anonymity services.

Aside from all this, I admit to being too quick to judge and react here, as after performing a couple of different searches using the service I was receiving no results other than the "This site requires JavaScript" message. This led me to believe the service was not going to provide results short of me having to bypass common sense security settings to meet its requirements. It was only after I made the response here that I decided to test it again by running a different search, then seeing results roll in. My mistake, sorry. Still, I will still stand by my anti-script opinion here with regard to a service of this type.

Re:Fail.

[stuckinphp]

It's only a security threat if you can't trust the site that the programs are originating from. Sure, this search engine *may* be able to dump a tracking code into their output and therefore break the TOR privacy[1], but you have to ask how likely to happen is this? And my answer: very unlikely.

Please. If you do not understand the fucking problem. Do the world a favor and shut the fuck up.

http://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-gregory_fleischer-attacking_tor.pdf
http://ha.ckers.org/blog/20060704/cross-site-scripting-vulnerability-in-google/
http://www.xssed.com/news/41/A_new_critical_Google_XSS_vulnerability_promptly_corrected/
http://shiflett.org/blog/2005/dec/googles-xss-vulnerability
http://blogoscoped.com/archive/2007-09-28-n28.html
http://www.h-online.com/security/news/item/Google-fixes-cross-site-scripting-vulnerability-in-YouTube-comments-1032988.html
http://ibnlive.in.com/news/orkut-attacked-by-bom-sabado-worm/131714-11.html
http://www.geek-news.net/2010/09/twitter-hit-with-major-xss-hack.html
http://lynnepope.net/twitter-xss-attacks
http://nemesis.te-home.net/News/20090407_Metasploit_Decloaking_Engine_and_TOR.html
http://securityandthe.net/2008/12/23/finding-a-hidden-ip-address-just-got-easier/

Doesn't search hiddent Tor sites...

Yeah, a new search engine... It doesn't search hidden services, it just operates as a hidden service. If you want it to...

Oh, and as noted above it requires JavaScript to see any more results than the first few.

Re:Got milk?

[interkin3tic]

Hee hee... "erect!"

How can it be hidden?

When they are telling everyone about it?

Re:How can it be hidden?

[CarpetShark]

It's hiding in plain sight. Like ninjas.

What's in the name?

[SharpFang]

Infamous 4chan often plays various jokes on the users - like "wordfilters", you post one word, the post contains another. You write "moot", your post contains "doug" and so on. Over some time 4chan wordfiltered "loli" to "duck". The anonymous liked the joke so much that once it was removed, users kept posting "links to duck porn" and so on.

I can't help but think there's a connection.

Re:What's in the name?

[Trepidity]

That was a SomethingAwful practice that 4chan later picked up, iirc. Possibly predates SA as well, but I think they popularized it on webforums, at least.

Re:What's in the name?

Oh god, i forgot Duck.

As for that connection, you could never know really.
A good bunch of us did break off long enough from 4chan to make websites, whether simple scrapers or tools for making "original content" because the boards (well, some) got too fast that everyone got too lazy.
Some you hear about all the time like cheezburger and memegenerator, others you hear nothing of because the users still stick by the Anonymous role so closely.

Re:What's in the name?

[Average_Joe_Sixpack]

http://en.wikipedia.org/wiki/Duck,_duck,_goose

Re:What's in the name?

[rainmouse]

Nonsense, everything cool starts on 4chan, why they invented rickrolling, lolcats, fire, the wheel, penicillin, the theories of evolution and relativity and even putting videos up of your favourite songs along with shitty kids cartoons featuring stupefyingly wide swords. Youtube and the rest of the web just follow along centuries behind the times.

Before the trolltards come a-flaming me about the accuracy of my post or lack thereof, consider the tone of irony that many lack basic understanding off these days, the same awkward irony one might feel when their wife selects the iron in a game of monopoly.

Re:What's in the name?

[SharpFang]

rickroll was a variation of duckroll, which in turn came to life after 'loli'='duck' was removed, but in turn 'duck' was wordfiltered to 'egg'. thus eggroll-duckroll...

Re:What's in the name?

> penicillin

You'll need it after you've been to 4chan.

Re:What's in the name?

Thats what kept me laughing as rickrolling went mainstream. I think there was even a NYTimes article about the origins of it, but somehow they left that wonderful piece of info out.

All these 'normal' people, from entertainers on tv to random coworkers to kids, all rickrolling each other, not realizing that if you trace the roots back far enough the entire joke was made possible because someone wanted to click links to see some child porn.

Re:What's in the name?

[fedxone-v86]

> 4chan

Yeah, everything on the internet is connected to 4chan, right.

Maybe you think to much about 4chan or loli or zoo sex. Huh, zoo sex? You haven't mentioned zoo sex in your post, at all.

No, but you have set your fucking /. homepage link to your personal zoo sex / furry page!!! WTF!?

WTF, dude!?

Why?

Why? I always thought Tor hidden services were for cases where the operator of a web site wanted to protect their identity (much like users do when using Tor the "regular" way). But the operator of the website is obvious here, isn't it?

Given that Tor users can access "regular" websites just as well as hidden services, what is the point?

Re:Why?

Maybe it can remove some load from the tor exit nodes.

Re:hidden-shmidden

[CarpetShark]

So wouldnt the point of a Tor hidden search engine be that it can not be identified?

What would be the point of building a website people can't identify? ;)

Re:hidden-shmidden

Exactly! The main point of a tor hidden service is to protect anonymity for the server. Tor users can already access the secure version of the site to get the encryption. The only real advantage I see is not having to go through an exit node to access the service.

One small note.

You're still sending your queries to the actual search provider.

If you're researching new innovations, it might be a bad idea, unless you fully trust the search provider to not sell the search terms to other (national) groups.

Tor is compromised

[Iamthecheese]

Tor is compromised by the US government. So go have fun on it but fon't get too cocky.
linky (warning:.pdf)
linky
linky

Re:Tor is compromised

[bmajik]

Thanks for posting this. The Colorado paper is the key thing to read.

Once I read that tor chose nodes according to an algorithm, and that the data used by that algorithm was not verified, and that this was done in the name of "performance", I could see where things were going in that paper. It was a "doh!" moment to be sure.

It strikes me that for the things I'd want to use tor for, _really_ important things (i.e. not media piracy), high bandwidth and low latency are both unimportant. Privacy is more important. I don't want to download a dvd over tor, I want to send a short encrypted email to my conspirators.

For such an application, I'd prefer onion routing that was buried in a covert channel.. something that didn't even look like a message at all. Something where the routing and the noise were both random, and the payload was simply lost in the mix. A factor of 10:1 or even 100:1 "Garbage" to "payload" would be fine for the average email or image.

Duck Duck Go should be avoided - Here's why

[theskipper]

I registered a domain a while back for an bike hobbyist site that I wanted to start. Nothing major, just swap tips and meetups to help out the community.

Over the next few months I started getting random emails from some users that my site was "infected" and "hacked", etc. The first thought was that their machines were infected so I didn't think much of it. But I checked to see if there was anything wrong with my server and everything looked ok.

Next thought was that somehow I got stuck in one of the Google filters in the SERP (i.e. "visiting this site may harm your computer") . Again, no evidence that was the case.

So I emailed back to a couple of the folks that reported the problem and asked for a screenshot of exactly they were seeing. Sure enough I get a browser screenshot back that has DuckDuckGo plastered all over it, warning about how my site was not to be trusted.

After some more research, it turns out that anyone browsing with the Duck Duck Go toolbar is hooked into a database at ivegotafang.com (also maintained by the Duck Duck Go folks). It acts as a net nanny and filters out parking pages and other "unsavory" sites on the fly. Sure enough, since the domain I used had previously been parked, it was still flagged as evil.

To get out of the database you're supposed to go to the site and basically beg to be removed. On principle there was no way I was going to stoop to this level so I just told my users the story and to uninstall the Duck Duck Go toolbar. Everything was fine after that.

Of course there are very few people using the Duck Duck Go search engine, let alone the toolbar. But the bigger issue is whether this behavior should be encouraged. This isn't like a net-nanny filter for porn. It's for something as innocent as a parking page which lots of sites resolve to while being developed.

With Google a parked page simply doesn't show up in the index and they reeevaluate periodically. Duck Duck Go says they also reevaluate but that obviously wasn't the case for my site. The warning page is essentially a manifestation of guilty until proven innocent.

What if there were a hundred for-profit companies like Duck Duck Go, and for each one you were responsible for their erroneous results? And what if you were running a business and just one of your customers saw that screen and started spreading the word that my business can't be trusted because of a false positive on Duck Duck Go? Then you're on the hook for spending hours trying to undo the damage, not Duck Duck Go. Good luck with that.

Soapbox off. Imho, the whole Duck Duck Go thing is nasty and should be avoided at all costs.

Re:Duck Duck Go should be avoided - Here's why

TL;DR: They tried to do something good for their users, implemented it slightly wrong which affected you in a minor way.

Telling thousands of users that they are nasty and should be avoided sounds like an appropriate response.

Re:Duck Duck Go should be avoided - Here's why

[ukemike]

Would incorrectly listing a site as untrustworthy count as defamation?

Re:Duck Duck Go should be avoided - Here's why

[CSMatt]

To get out of the database you're supposed to go to the site and basically beg to be removed. On principle there was no way I was going to stoop to this level so I just told my users the story and to uninstall the Duck Duck Go toolbar. Everything was fine after that.

How exactly is telling Duck Duck Go that your site was incorrectly blocked such a bad thing? So they screwed up. Instead of telling them of the problem and at least giving them the benefit of the doubt that despite their best intentions the reevaluation did not work as advertised, and that they will genuinely try and fix it as well as ensure that their system doesn't allow this to happen again, you immediately tell your visitors that Duck Duck Go is crap*, and not even bother to try and sort out the matter privately?

If I was running the engine I'd certainly want to know when a false positive happens, and the chances of me finding out through your site or this post are basically slim to none. I don't even know what your site's URL is, so this post doesn't help much either.

*I apologize if this wasn't the wording you put in your site. Again, I have no leads on how to access it to find out myself.

Re:Duck Duck Go should be avoided - Here's why

[yegg]

Thx for the feedback. That toolbar is no longer available. The sites it was flagging were parked pages. What happened was is that there was a delay between registration and when the bot could check it out, but it would have been removed automatically. I'm sorry for the inconvenience this caused you.

Clarification?

[MikeUW]

Can someone explain specifically what's special about this? How is this any better than using Tor yourself to search through any other search engine? Presumably, as long as you don't reveal personal information, your searches will be anonymous anyway. If that's the case, how does being able to point your browser to a *.onion domain to access a given service help - is it somehow more anonymous?

(please don't read sarcasm into my question - I'm actually interested to know this).

Re:Clarification?

[moonbender]

I don't know what's special about it, either; Tor services are interesting, but in this case they don't make a lot of sense. Tor usually prevents the server (and others) from determining the identity of the client. Tor hidden services extend this protection to the server itself, ie. you can access a site in the onion domain (if it works) without having any reliable way to determine the site's IP. The client's IP is unknown in both cases, so no, it's not more anonymous in that respect. I don't see the point in using a hidden service for a website with a well known public identity.

Re:Clarification?

The advantages:

• Tor uses more hops when connecting to a hidden service, meaning the user should be more anonymous.
• If DuckDuckGo runs a relay, Tor can use that fact to possibly enable the safer transmission of data.
• Data never leaves the Tor network, meaning exit nodes can't tamper with it or log it or anything.
• Problems like leaky DNS should vanish.

Though I'm not sure any of these assurances is really needed for a search engine. Given the people who use Tor, they'd find some way to justify it, though.

Re:Warning Will Robinson, DANGER DANGER!

DDG does not have a suggestion method like the one google has. Instead it relies on the autocompletion method of your browser when typping on input fields having the same name.

If you came up with those "suggestions" it's because you had previously searched for that, somewhere.

Re:Warning Will Robinson, DANGER DANGER!

I'm sorry but that's a load of BS. Perhaps your usage of Google Instant has marred your perceptions of how a search engine works but Duck Duck Go doesn't offer instant feedback. If you searched for 'c' (and pressed return!) you would get information on the speed of light, what letter in the Latin alphabet it is and information about the "C (programming language), developed at Bell Labs in 1972".

You sir, are a liar and a scoundrel.

Re:hidden-shmidden

[CarpetShark]

Many sites have been shut down, despite claiming to do only what google does. A search index linking to leaked documents, for instance, would probably be under some pressure lately, especially if they couldn't identify the data sources, but only the index that people were finding them through. Hiding the search engine server would help protect them.

Nastier

[Steeltoe]

More like 1.5, and you don't want those bits on your computer... ever.

tor exit node mitm attacks.

[leuk_he]

Even when they do:

A exit node can pretend to be the real site, and do a MITM attack. For simple joes you would just send the data unencrypted to the tos user and hope he does not notice it is an unencrypted page. (THIS HAS BEEN OBSERVED IN THE WILD!!!)

3 letter agencies have their own root certificates and can reencrypt data that would be accepted by the browser as trusted. Only careful examinition of the certificate would show that is was issued by a differt CA.

The whole point of TOR is that you cannot trust you own governmet police. But browser do give your governmet a root certificate of trust. really.

Tor is nice, I2P is nicer

[Steeltoe]

Default Tor traffic, for normal websites like google.com, go through exitnodes. At the exitnodes, everything needs to be decrypted unless it's ssl or similarly encrypted at the application layer. Additionally the traffic is also directed to the REAL IP address. Combined with cleartext, it is quite a big risk actually.

Basically, an exitnode needs the decrypted data for usual http / decrypted traffic, and is a heaven for snoopers and adversaries wanting to do man in the middle-attacks. Even SSL becomes insecure, since such a node gets the power to present fake ssl-certificates, so unless you're careful, or running Firefox with its annoying warning pages, you can be bitten even when using internet bank accounts. It's also easier to snoop SSL at such exitnodes, since you can just harvest keys and do very deep packet inspection, unless keys are transferred in another medium (how it always should be).

Of course, since Tor is used by people seeking anonymity, the reward is higher for snoopers who want to find them. Besides, being an exitnode is a low barrier of entry to become a snooper as well, since every "shady character" is sending data your way. So do good research before using Tor, as care must be taken to preserve anonymity. Don't just run Tor and forget it.

When using hidden services, everything is encrypted along the whole route. The onionrouting will ensure high barrier of entry for adversaries and snoopers. So such hidden services is indeed more "secure" than using google.com (which you can bet is giving APIs to governments and highest bidders to snoop on us), and any other "normal" internet service, including your ISP..

What exitnodes and Tor is good at is this:
Privacy: As in being one "dissident" among thousands of other voices. As long as you don't leak private information in any way, which excludes plugins, java and javascript (disable all such things now, even images can be "unsafe" unless you've anonymized your DNS requests).
Speed: Snoopers of course wants to snoop on you with the utmost efficiency, so the exitnodes are blazing fast servers, which will be faster than relying on random nodes for reaching a "hidden service".

But privacy may quickly be offset by bad research, usage of Tor or even unreleased attacks. Security threats may leak private information in the blink of an eye, especially when using exitnodes.
Don't use Tor unless you REALLY REALLY need it (like getting killed), and do good research and proper setup of the entire machine. Preferably use a prebuilt VM like JanusVM.
Or use Tor if you don't really care and want to try a new thing, but don't act surprised when your identity is leaked..

Using this duck-search engine thingy is off limits, since it requires javascript. Forget it. You might as well use google.com or another hidden service which has no javascript requirements.

If you like anonymity, I like I2P better than Tor. It has a nice community and does have more safe defaults than Tor. In I2P, outproxies, another word for exitnodes, are heavily disencouraged. Instead they're trying to build an entire network of hidden services, to do anonymous search, email, bittorrent, irc, websites, etc. INSIDE the darknet itself. It is like this article, but everything else is built inside the network itself as well. It's a huge project, with lots of volunteers.

I recommend reading on their site how it works, you'll find they address much more issues than most other "darknets", and is open source and seems "honest" about what they know and don't know:
http://www.i2p2.de/

But you never know..

Re:Tor is nice, I2P is nicer

So if one has Firefox with everything proxied through Tor (using FoxyProxy - ignoring its white/blacklisting options), is this any better in terms of anonymity than just going online without Tor? What about Torrents, IRC/DCC, etc...? If no personal information is sent out, how likely is it that a user could be identified? Can plugins really reveal information if nothing personal has been supplied by the user?

Re:Warning Will Robinson, DANGER DANGER!

pics or it didn't happen

Re:GoodLuckWithThate3

Which somehow makes it immune to being shut down by the government?

Or what point were you trying to make? Noone said it was located in Europe.

Re:Warning Will Robinson, DANGER DANGER!

[rainmouse]

Are you sure about this? Because if so then that means someone has been looking for this on my Browser? Please be 100% certain in reply.

Re:hidden-shmidden

The only real advantage I see is not having to go through an exit node to access the service.

Given that the exit nodes can easily be compromised, and with sufficent funding to run a significant number of entry and exit nodes you can identify users that happen to use an entry and exit node you control, then not having to use an exit node seems like a significant advantage.

I'm behind 7 proxies.

Come at me bro'.

Re:Warning Will Robinson, DANGER DANGER!

You like me because I'm a scoundrel. There aren't enough scoundrels in your life.