On Fri, 26 Oct 2007 05:00:48 GMT, Joan Battaglia wrote:

> Thanks to you all, I was able to install Tor/Vidalia/Privoxy freeware for
> anonymous web browsing.
>
> When I log into an https email web page, I assume my password is
protected
> from snoopers on the Tor network itself. That is, I assume the https
> encryption prevents a rogue Tor server itself from seeing my password.

Nopeware.

> But - what about if I have to log into a web page that does not have an
> https encrypted login method? Is Tor now compromised? Am I now sending my
> password in the clear to a Tor server which "could" be a rogue Tor
server?
>
> Is my password still secure when logging into an http account with
> Tor/Privoxy running?

Secure is relative.