Because http isn't encrypted and because tor exit nodes can see our traffic, how to encrypt?

edited September 24 in VPN Setup Support Posts: 10
Hi, 

I chatted with the tor irc chat service and they all said that PIA and any other VPN service that claims to help with anonymity or privacy are just plain lying and that when we use a VPN > tor to connect to http sites that there is no extra layer of security, at all. That, when we connect to our VPN the only thing it will do for us is hide from our ISP the fact that we are connected to tor. That being said, I don't know what their problem is with VPNs but I'd just like to know if there is some way to encrypt our traffic against exit node snooping from the NSA or hackers or whoever so that if ever we are using an HTTP site we don't get doxed or blackmailed or hacked or whatever. I don't want any sites or any exit node holder to be able to access my accounts or have any way to see what I am doing on other tabs of my browsers or anything like that. I recently found about Shark Wire, a developing tool that shows all of your computer's data packet circulation and all internet traffic to and from your computer and there are literally thousands upon thousands of packets that are transferred at any given sitting to and from your computer from what I could tell, although I am not a developer and don't know how to use the tool very well. I don't mean to be alarmist about this but just to say that if one accesses an HTTP site via tor that there is a lot of unencrypted data being transferred that could ultimately make tor and any VPN totally pointless. Maybe there is a way to strengthen the weakest link or replace it somehow? 

Thank you for all insight and help !!!

<span>:smile:</span>
Post edited by Jacksback on

Comments

  • Don't all chime in at once...
  • Posts: 10
    Ok... well, thanks anyways I guess.
  • Posts: 282
    I think you are suffering from paronoia. If you are using PIA and are still that worred, maybe you should turn off your internet and stick to face to face communication?
    As far as I am concerned, using a VPN gives me the privacy I require - if the NSA really wants to snoop on you there are many other ways that you can;t really prevent - phone taps, bugging, email reading etc.
    So, my advice is just chill and relax.
  • Posts: 10
    Sorry but it seems that you have failed to respond to my question and instead changed the subject to one of psychology.  

    There are many reasons to encrypt your data as it is transferred across any give network. For starters, HTTP sites simply do not encrypt, and so as long as any person has access to an exit node, so long as a user is accessing an HTTP site through one such node, and so long as the user is entering sensitive information into said site (such as self-identifying information or passwords or so forth) then a hacker or government agent or the like can easily monitor all such information as it passes through their exit node.

    For the very same reason that you have a VPN, at all, one should consider the question of encryption on HTTP sites. The reality about encryption is that on HTTP sites, one cannot encrypt. So how can you claim to care about or need a VPN (which is purchased to encrypt your data) if on HTTP sites one's data is vulnerable and to you wanting to deal with such vulnerabilities means that such is a symptom of paranoia? 

    Also, your answer works in every case. "I'd like to get a VPN so hackers can't see my true IP address." Response: "Then just don't use the internet, you're paranoid." Or, "I'd like to keep my browsing history private from my ISP so that it has absolutely no way of knowing what sites I frequent, such that even if it carries out deep-packet inspection, it still cannot know." Response: "Paranoia, stop using the internet." I'd like to have an email that is very hard to hack... etc. Part of the appeal of quantum computing is an allegedly unbreakable security. Wanting that is not a result of paranoia but of the reality in which we live. Taking precautions to ensure your safety and privacy as well as your identity is by no means irrational. 
Sign In or Register to comment.