Limitaciones de la red Tor

Tails no oculta que estás usando Tor y probablemente Tails

Todo lo que haces en Internet desde Tails pasa por la red Tor.

Tor y Tails no te protegen haciéndote ver como cualquier usuario de Internet al azar, sino haciendo que todos los usuarios de Tor y Tails se vean iguales. Se vuelve imposible saber quién es quién entre ellos.

  • Your Internet service provider (ISP) and local network can see that you connect to the Tor network. They still cannot know what sites you visit. To hide that you connect to Tor, you can use a Tor bridge.

  • Los sitios que visitas pueden saber que estás usando Tor, porque la lista de nodos de salida de la red Tor es pública.

Los controles parentales, los proveedores de servicios de Internet y los países con una fuerte censura pueden identificar y bloquear las conexiones a la red Tor que no utilizan puentes Tor.

Muchos sitios web te piden que resuelvas un CAPTCHA o bloquean el acceso desde la red Tor.

Los nodos de salida pueden interceptar el tráfico hacia el servidor de destino

Tor hides your location from destination servers, but it does not encrypt all your communication. The last relay of a Tor circuit, called the exit node, establishes the actual connection to the destination server. This last step can be unencrypted.

A Tor connection
goes through 3 relays with the last one establishing the actual connection
to the final destination

El nodo de salida puede:

  • Observe your traffic. That is why Tor Browser and Tails include tools, like HTTPS Everywhere, to encrypt the connection between the exit node and the destination server, whenever possible.

  • Pretend to be the destination server, a technique known as machine-in-the-middle attack (MitM). That is why you should pay even more attention to the security warnings in Tor Browser. If you get such a warning, use the New Identity feature of Tor Browser to change exit node.

Warning: Potential Security Risk

To learn more about what information is available to someone observing the different parts of a Tor circuit, see the interactive graphics at Tor FAQ: Can exit nodes eavesdrop on communications?.

Tor exit nodes have been used in the past to collect sensitive information from unencrypted connections. Malicious exit nodes are regularly identified and removed from the Tor network. For an example, see Ars Technica: Security expert used Tor to collect government e-mail passwords.

Los adversarios que observan ambos extremos de un circuito Tor podrían identificar a los usuarios

A powerful adversary, who could analyze the timing and shape of the traffic entering and exiting the Tor network, might be able to deanonymize Tor users. These attacks are called end-to-end correlation attacks, because the attacker has to observe both ends of a Tor circuit at the same time.

No anonymity network used for rapid connections, like browsing the web or instant messaging, can protect 100% from end-to-end correlation attacks. In this case, VPNs (Virtual Private Networks) are less secure than Tor, because they do not use 3 independent relays.

End-to-end correlation attacks have been studied in research papers, but we don't know of any actual use to deanonymize Tor users. For an example, see Murdoch and Zieliński: Sampled Traffic Analysis by Internet-Exchange-Level Adversaries.