|
Posted by 611 Folsom Street on September 30, 2008, 8:52 am
If you were Registered and logged in, you could reply and use other advanced thread options
On Tue, 30 Sep 2008 08:50:13 -0400, Ari wrote:
> On Tue, 30 Sep 2008 08:28:47 -0400, 611 Folsom Street wrote:
>
>> I'm still a bit unclear about the following points, perhaps the privacy
>> gurus here can explain.
>>
>> 1) What is the major difference between JAP and TOR? Is it merely that
>> Tor is a socks proxy that allows a suitably "sockified" app to connect
>> with it, while JAP is strictly for HTTP only?
>>
>> 2) When you sockify a app and run it through TOR , your isp is hidden
>> from whatever you connect to right? But what about your ISP? Can it see
>> where you are connecting to? Or does it merely see you connecting to the
>> socks proxy?
>>
>> 3)What is tunneling?
>>
>> 4)Stunnel appears to encrypt connections so no-one can see what is being
>> sent right? How does this interact with Tor or JAP?
>>
>> Thanks
>
> http://www.panta-rhei.dyndns.org/pan...dEncryptionFaq
>
> Is a very interesting and detailed guide on how to use Tor, Privoxy,
> Stunnel, Freecap and DCPP.
>
> 1. JAP is an HTTP proxy but can handle HTTP, HTTPS and FTP protocols.
> It has a limited number of mixes you can connect to so performance can
> be slow. The client is written in Java so should run on any system where
> a Java Runtime Environment is available. All traffic is encrypted using
> 128-bit AES. The JAP client may soon be able to connect to Tor servers
> (see the comment about JAP at the bottom).
>
> Tor uses SOCKS and has more servers available. It should be able to
> handle any application that can be SOCKSified (not just web/file
> transfers). Versions are available for Linux/UNIX and Windows but not
> others (Apple OSX users may be able to use the FreeBSD version). All
> traffic is encrypted using 128-bit AES.
>
> 2. Since both Tor and JAP encrypt traffic, all your ISP will able to
> see is the encrypted traffic being sent to the first Tor node/JAP mix.
>
> 3. Tunneling is using one protocol to carry headers and data for
> another - for example you could include file transfer protocol commands
> within an HTTP request to allow it to pass through a firewall that only
> allowed HTTP. For tunneling to work, it must go to a server that
> "unwraps" the protocol at the other end. Tunneling can include
> encryption and authentication but does not have to.
>
> 4. Stunnel allows you to tunnel network connections within an SSL
> (HTTPS) connection providing encryption. It must connect to a stunnel
> server which then decrypts the data. It does not provide anonymity on
> its own but a network of stunnel servers randomly routing data between
> themselves multiple times should give the same level of protection as
> Tor or JAP.
1) Can your ISP see where you are connecting to?
2) Can your destination figure out your orginating ip
3) Are the contents you send secure against prying eyes on route?
I'm less concerned with 1, but it's nice to have if possible.
If I use Tor or JAPS I'm automatically assued of 1)+2) no? But it won't
protect the contents from being intercepted between the last mix and the
final destination?
What if I use a simple annoymizer service? Or just Stunnel?
| 
XML site map