1
00:00:00,310 --> 00:00:09,600
Fonzo go out tour now Tor is an open source anonymising encrypting volunteer operated proxy network
2
00:00:10,050 --> 00:00:17,250
Tor helps to reduce the risks of both simple and sophisticated network analysis by distributing your
3
00:00:17,250 --> 00:00:24,660
Internet traffic over several layers or relays on the Internet so no single point can link you to your
4
00:00:24,660 --> 00:00:25,830
destination.
5
00:00:26,010 --> 00:00:27,340
And that's as you can see here.
6
00:00:27,390 --> 00:00:33,420
This might be you and you're going over a number of relays before you get to your final destination
7
00:00:33,420 --> 00:00:33,890
.
8
00:00:34,190 --> 00:00:38,820
When Tor is installed it places a SOCKS5 proxy on your client.
9
00:00:38,820 --> 00:00:44,790
So if you install it on Windows you have a SOCKS5 client on your Windows machine and when correctly
10
00:00:44,790 --> 00:00:45,920
configured.
11
00:00:46,320 --> 00:00:53,180
All designed Internet traffic can be made to go through that proxy so you can see here you would have
12
00:00:53,180 --> 00:00:59,340
a proxy on here and that would force all the traffic to go via this path here.
13
00:00:59,840 --> 00:01:05,820
Packets entering the proxy are encrypted and sent into the Tor net where they are forwarded to another Tor
14
00:01:05,820 --> 00:01:13,560
node and another until finally reaching an exit node where the data is decrypted and sent to its final
15
00:01:13,560 --> 00:01:14,340
destination.
16
00:01:14,340 --> 00:01:21,650
For example, google.com or Facebook, and that full connection would be called a Tor circuit, and there
17
00:01:21,640 --> 00:01:23,660
is your exit node there.
18
00:01:23,670 --> 00:01:24,750
In addition to this.
19
00:01:24,810 --> 00:01:27,710
So that's using the surface web.
20
00:01:27,780 --> 00:01:38,970
You can also access what is called hidden services and these are accessible by these .onion URLs
21
00:01:39,030 --> 00:01:45,230
as you can see here which is essentially that you are able to access the Tor dot net an exit node.
22
00:01:45,390 --> 00:01:52,860
In this case isn't required what you'll do is instead of coming out of here and exiting to Facebook
23
00:01:52,860 --> 00:02:00,000
or wherever it is you're going, you'll go to a server that is within the Tor network, which means your traffic
24
00:02:00,000 --> 00:02:01,900
remains encrypted end to end.
25
00:02:01,980 --> 00:02:02,930
Key point about
26
00:02:02,930 --> 00:02:10,910
Tor is that no individual node or relay ever knows the complete path that a data packet has taken.
27
00:02:10,920 --> 00:02:15,060
The client negotiates separate sets of encryption.
28
00:02:15,060 --> 00:02:21,090
You can see illustrated here all separate sets of encryption keys for each hop along the circuit to
29
00:02:21,090 --> 00:02:27,150
ensure that each hop can't trace these connections as they pass through. Tor uses the same circuit for
30
00:02:27,150 --> 00:02:33,930
connections that happen within the same 10 minutes or so and the later requests are given a new circuit
31
00:02:34,170 --> 00:02:38,130
to keep people from linking your early actions to new ones.
32
00:02:38,130 --> 00:02:46,500
So then you might go from here to here here here and then out let's run through it using the diagrams
33
00:02:46,500 --> 00:02:48,720
provided by Tor themselves.
34
00:02:48,960 --> 00:02:52,030
So first step here you are.
35
00:02:52,170 --> 00:02:57,660
Alice you need to know what are the relays what are the relays that you can connect to that's the first
36
00:02:57,660 --> 00:02:58,260
thing you need.
37
00:02:58,260 --> 00:03:02,660
So in order to do that you need to connect to something called a directory server.
38
00:03:02,880 --> 00:03:07,430
And this is an example a directory server here you can think of it a little bit like DNS.
39
00:03:07,440 --> 00:03:16,190
So you do an encrypted request to this directory server to obtain a list of Tor nodes. Next, Alice's
40
00:03:16,230 --> 00:03:20,400
Tor client picks a random path to the destination server.
41
00:03:20,790 --> 00:03:31,320
So here we can see the green encrypted lines and coming out of the exit node to Bob or Facebook or whatever
42
00:03:31,320 --> 00:03:31,580
.
43
00:03:31,710 --> 00:03:35,880
And this bit here crucially is not encrypted.
44
00:03:35,880 --> 00:03:44,460
That will be plain text unless you are using an additional layer of encryption such as HTTPS.
45
00:03:44,460 --> 00:03:46,980
Now remember this is accessing the surface web.
46
00:03:46,980 --> 00:03:50,650
This is not accessing the dot net or hidden services.
47
00:03:50,820 --> 00:03:52,980
This is just accessing the surface web.
48
00:03:53,040 --> 00:03:53,990
And next.
49
00:03:54,420 --> 00:04:01,680
And if at a later time the user visits another site, Alice's Tor client selects a second random path
50
00:04:01,680 --> 00:04:10,520
again so we can see a different path and as we've already said this can be every 10 minutes or so.
51
00:04:10,710 --> 00:04:14,870
Tor can't solve all anonymity problems.
52
00:04:14,880 --> 00:04:22,560
It focuses only on protecting the transport of data. You need to use protocol-specific support software
53
00:04:22,560 --> 00:04:22,850
.
54
00:04:22,890 --> 00:04:27,450
If you don't want the sites you visit to see your identifying information.
55
00:04:27,600 --> 00:04:33,810
For example, you can use the Tor Browser, which we'll go through, while browsing the web to withhold some
56
00:04:33,810 --> 00:04:38,160
information about your computer's configuration, and we'll go into all that.
57
00:04:38,160 --> 00:04:42,360
So think of Tor as simply one element.
58
00:04:42,360 --> 00:04:45,920
One tool that enables you to disguise your location.
59
00:04:45,990 --> 00:04:52,500
It is just a tool and it is just one tool; it does not provide protection against end-to-end timing attacks
60
00:04:52,500 --> 00:04:52,770
.
61
00:04:52,830 --> 00:04:59,160
If your attacker can watch the traffic coming in and out of your computer and also traffic arriving
62
00:04:59,160 --> 00:05:04,560
at the chosen destination, he can use statistical analysis to discover that they are part of the same
63
00:05:04,560 --> 00:05:05,300
circuit.
64
00:05:05,310 --> 00:05:10,030
So Tor is not a panacea for privacy and shouldn't be relied upon as such.
65
00:05:10,050 --> 00:05:15,960
With the right methods and tactics, which we'll go through, it can be a very useful tool for aiding in
66
00:05:15,960 --> 00:05:22,650
staying anonymous and the diagram here illustrates the layers of encryption and this is where the term
67
00:05:22,740 --> 00:05:30,960
onion routing comes from: it is layers of encryption, and these layers are peeled back as you go through the Tor
68
00:05:30,960 --> 00:05:31,850
network.
69
00:05:32,250 --> 00:05:39,330
So the first relay will only see this and we will have these encrypted layers within it.
70
00:05:39,420 --> 00:05:46,590
The second relay will see this and the third relay will see this until finally the actual message is
71
00:05:46,590 --> 00:05:53,430
received by the destination host which is not encrypted which means that no individual node ever knows
72
00:05:53,430 --> 00:05:56,400
the complete path that a data packet has taken.
73
00:05:56,400 --> 00:06:02,340
The client is negotiating a separate set of encryption keys for each hop along the circuit to ensure
74
00:06:02,340 --> 00:06:06,780
that each hop can't trace these connections as they pass through.
75
00:06:06,780 --> 00:06:08,460
Let's go through this again.
76
00:06:08,460 --> 00:06:14,490
So your message is encrypted several times and encrypted several times before it even leaves your device.
77
00:06:14,940 --> 00:06:18,620
Node A can only decrypt layer A.
78
00:06:18,780 --> 00:06:25,800
And when it's done it will be able to see the address of the next node, which is here, node B. After the
79
00:06:25,800 --> 00:06:28,230
packet reaches the next node, node B,
80
00:06:28,270 --> 00:06:37,590
he can only decrypt layer B, which is here, and so on through the last. Each layer uses a session key
81
00:06:37,590 --> 00:06:41,230
negotiated with the respective node's public key.
82
00:06:41,370 --> 00:06:46,920
So only the exact node can decrypt the layer with its session key. When the message reaches the exit node
83
00:06:46,920 --> 00:06:46,970
.
84
00:06:46,980 --> 00:06:54,060
all the layers have been decrypted and the message is now in plain text unless an additional encryption
85
00:06:54,060 --> 00:07:00,570
is used, like SSL. Diffie-Hellman handshake is used to establish those session keys.
86
00:07:00,570 --> 00:07:06,150
Diffie-Hellman allows session key negotiation where even a man in the middle observing the traffic would
87
00:07:06,150 --> 00:07:12,180
not be able to determine what the mutually agreed session key was. Tor also utilizes something called
88
00:07:12,180 --> 00:07:18,570
Perfect Forward Secrecy meaning the session keys are ephemeral as they are only used briefly and then
89
00:07:18,570 --> 00:07:19,150
replaced.
90
00:07:19,200 --> 00:07:25,290
This then means in the future if one of the nodes is compromised previous data that passed through that
91
00:07:25,290 --> 00:07:31,920
node cannot be discovered and private keys cannot be used to decrypt previous data. To basically hide
92
00:07:31,920 --> 00:07:35,610
your IP address on the net, Tor does a reasonable job of it.