![]() ![]() And? The US government is big, one part wants to break it, the other want to see it work. Tor Receives Funding from the US Government Tor Devs Actually Cooperate With the US GovernmentĦ. And let's just take this time to make it clear: DON'T USE HTTP, OR ANY UNENCRYPTED THINGS OVER Tor! Actually, Always use encryption, no matter if it's on Tor or not! And with Tor Browser 11.5, it's been switched over to HTTPS-Only, so if you see a screen saying that something isn't secure, think twice about what you are about to do. Well, Tor Browser has included HTTPS Everywhere since it's creation exactly for this reason. hey, "anyone can set up a Tor node like we already mentioned", the problem here is just what they wrote in 1? Why make a specific one for HTTP? Yes? I'm not sure which is the correct word, what is correct is that they don't. Exit Nodes Don’t Really Encrypt Your Traffic I would also like to specifically pick out "Oh, and back in 2014, there were even attacks against the Tor network that allowed the NSA (and any other agency, really) to de-anonymize around 81% of Tor users" because it is a traffic correlation attack, which is nothing new, and Tor does not try to protect against it as stated in the original 2005 design paperĤ. Importantly: unless you are a high priority target, nobody is going to use an exploit on you. The vulnerabilities in the news articles linked to have been patched. By exposing it to attacks and scrutiny and then fixing the problems. And that is how you build a secure platform. there have been many exploits through Tors history. ![]() The Government Has Many Ways to Compromise the Network And using the Harvard bomb threat to highlight this, that Tor has weaknesses, and then using it to talk about it, inform others of what went wrong, what they should do better, is better in my opinion.īut, for most people, this probably won't be much of a (direct/immediate) problem.ģ. Of course it also highlights: Tor is not magic, it has strength and weaknesses. (It can be made less suspicious by using Tor for a longer period of time). It is very suspicious that someone accessed Tor at that exact time, probably for a very short time, but it does not mean they did it. And that's critical for safety and security of the rest of them, because that means you can't, I mean if Iran wanted to round up all of their, it wouldn't actually work" And personally I think Tor actually worked to some extent. Roger puts it best: "the average Tor user in Iran is not a political dissident trying to take down their government, the average Tor user in Iran is a Facebook user trying to reach Facebook. The more the merrier! The diverse the better! And this is also important for the above person in a hostile place. And so I want to point out that being the only person on the network using Tor definitely makes you stand out, which is why anonymity loves company. They also point to the Harvard bomb threat. It probably won't be perfect, the people blocking Tor might be able to figure out that it's Tor even if obfuscation helps hide it. If you are in a hostile place, use obfuscation: obfs4 bridges, meek or snowflake. all Tor relay IP addresses are also publicly known (so it probably doesn't matter much that Tor traffic doesn't look like any other type of traffic by default). The TLS (the same thing used by HTTPS) used by Tor can be distinguished from the TLS used by Browsers for HTTPS or well any other TLS. And as written, we do not know how many nodes are bad (although, with all the meetups and getting to know the operators of families, we might know how many aren't).Ģ. ![]() And there have been many instances of bad nodes being found (and then excluded). The very first problem is the use of "clear" ("Why the Answer Is a Clear “No”"), NOTHING is ever clear/100%, anything like that, in anonymity/privacy/security. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |