Torrent sites on the onion network being served over http



  • I've noticed that torrent websites like the Pirate Bay are served over http.

    This means that when using a network like the Tor onion network, where the first server in the response chain receives the website unencrypted, could they not change the links on the website? Let's say that a node is compromised, or run by a hostile owner.

    http request -> onion network -> server
    http response -> server 1 (s1) -> s2 -> s3 -> client
    

    If server 1 is compromised, can it alter the data?



  • Tor is a (multi layer) encrypted tunnel. If the endpoint server (here PirateBay) is an Onion server (the URL ends by *.onion), Server 1 see an encrypted response. The Tor software on the client machine decrypt it into plain HTTP.

    Server 1, 2 and 3 can alter the encrypted data, but without knowing its content. Also, this data will be rejected by the Tor client because it will detect a corruption.

    If the endpoint server is a classical web server (with a URL like piratebay.org), then Server 1 can see the plaintext data of the requests and alter them.


Log in to reply
 

Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2