Infographics - Tor, HTTPS and Security

In a wave of panic sweeping the US residents, “our government is watching us” (surprise!), The Electronic Frontier Foundation put out in an accessible graphical form a description of what Tor hides, what the HTTPS encryption protocol hides, and what they can hide, taken together.

So, all the information transmitted via the Internet from the user to the site and back can be divided into (as indicated in the pictures):

site.com - site address
user / pw - username and password on the site
data - data transmitted between the user and the site
location - information about the user (ip-address, and, potentially, his identification)
tor - information that the user uses the tor network

Open channel

')
Naturally, in the absence of any encryption, all this information is available to everyone - a hacker, viciously sucking the wi-fi channel of your router, the isp sysadmin and the lawyer standing behind him and a cop who cleverly connected to the channel between the user’s provider and the site’s host provider. NSA (National Security Agency, or, as the Americans joke, "No Such Agency"), as well as the admin of the site itself, as well as all lawyers and cops who came to the hoster.

Https

When you enable https encryption, the picture changes - now no one, except those who have access to the server, receives the transmitted data, and the login with the user password. But its ip-address and site address are still available.

Tor

When using the onion-based Tor network without https, the picture is as follows: the hacker is satisfied only with the user's ip and knowledge of the tor network, his provider and the naughty Buratino from the NSA who listens to traffic before joining the tor network do the same thing.
Next come joyful chippolins, Tor nodes. All of them, of course, know about the network torus. In this case, the input node knows only the ip-address of the user, intermediary nodes do not know anything at all, and the outgoing one, on the contrary, knows everything except the ip of the user. And this same information is known to all after it - the pinion of the NSA, listening to the channel at the exit from Tor, the hoster, the admin site and its hangers-on.

Tor + HTTPS

Finally, the safest possible option is Tor and https.

Almost all the participants of the banquet know very little - either the user's ip and his use of the tor network, or only the website address and the Tor network. And only the owners of the site itself know everything except the ip of the user.

Total

These, of course, are not all ways to restrict access to your traffic. Whether to use them or not is up to you. But, as popular wisdom says, it is better to be safe than vice versa ...
There is no doubt that the increasing pressure on users will lead to an increase in traffic encryption methods and an improvement in the capacity of the networks hiding the user. Whether this struggle will lead to the release of the Internet or unreal crackdown will be shown in time, and most likely not so distant.