Topic: How anonymous is TOR really? - page 2. (Read 24516 times)
I don't understand how would anyone benefit from VPN or offshore VPS !?! Well imho noone can even know what traffic is your and what is not when you are connected to Tor (you are a node) - as there is know way to know where the the message originated. Or am I mistaken?
I like the idea of anonymous internet activity - trouble is all the baddies that use it too...
I use TOR from time to time but usually use VPNs because of security and peace of mind (but mostly just something to spend bitcoins on)
This guy proved it was anonymous - the only way they caught him was due to his ego...
http://www.bbc.co.uk/news/technology-22248692
This is a great article, however I'm not sure if this truly proves tor is completely anonymous. http://www.bbc.co.uk/news/technology-22248692
From bbc website:
Quote
After Mr Katayama's arrest, the NPA sought guidance on how to handle similar cases. The industry report drawn up for the NPA recommended considering a ban on Tor and other anonymising networks as they had been found to be used in a wide variety of crimes.
Japanese ISPs have not welcomed the recommendation.
Japanese ISPs have not welcomed the recommendation.
If the ISP's begin to intervene, then I agree. Anonymity will be compromised. Until then however, if you used it correctly according to all the guidelines... it is anonymous.
This guy proved it was anonymous - the only way they caught him was due to his ego...
http://www.bbc.co.uk/news/technology-22248692
This is a great article, however I'm not sure if this truly proves tor is completely anonymous. http://www.bbc.co.uk/news/technology-22248692
The advice above is good, but also check out the links below. Tor is great, but still has issues which one hopes will be remedied in the future to make it even better:
1. "Tor can't solve all anonymity problems. It focuses only on protecting the transport of data. You need to use protocol-specific support software if you don't want the sites you visit to see your identifying information. For example, you can use Torbutton while browsing the web to withhold some information about your computer's configuration." -- https://www.torproject.org/about/overview
2. Also read this section of an overview, then check out the links: http://en.wikipedia.org/wiki/Tor_(anonymity_network)#Weaknesses
3. https://lists.torproject.org/pipermail/tor-dev/2012-September/003992.html
4. https://tails.boum.org/forum/Who_carries_half_of_all_Tor_traffic__63____38_operators/
5. http://www.syverson.org/tor-vulnerabilities-iccs.pdf
One longer-term issue is the centralized nature of the Tor directory servers.
1. "Tor can't solve all anonymity problems. It focuses only on protecting the transport of data. You need to use protocol-specific support software if you don't want the sites you visit to see your identifying information. For example, you can use Torbutton while browsing the web to withhold some information about your computer's configuration." -- https://www.torproject.org/about/overview
2. Also read this section of an overview, then check out the links: http://en.wikipedia.org/wiki/Tor_(anonymity_network)#Weaknesses
3. https://lists.torproject.org/pipermail/tor-dev/2012-September/003992.html
4. https://tails.boum.org/forum/Who_carries_half_of_all_Tor_traffic__63____38_operators/
5. http://www.syverson.org/tor-vulnerabilities-iccs.pdf
One longer-term issue is the centralized nature of the Tor directory servers.
I have the impression that TOR is not completely secure to keep you anonymous if you use the same session (IP) to visit several websitess since your IP-address will be saved in those websites logs.
Another scenario is Google & other big sites sharing data about their users with each other to get a better understanding of their registered and unregistered users. Even fragments of information can match with a real identity, for example the patterns of the languange used in your google searches, your blogs, tweets, emails, forum discussions (at bitcointalk) can easily be analyzed. Google has been indexing internet for years so they have all data they need. The more sources they got, the more accure they can match different mails, tweets and forum posts with each other, even if the IPs used are completely different (with help of TOR).
One solution for cautious people is of course to use encryption in all communication and never share data at public places (never writing posts at forums like this). I guess guys like Satoshi change their language pattern in forums and mails so they can remain anonymous.
Another scenario is Google & other big sites sharing data about their users with each other to get a better understanding of their registered and unregistered users. Even fragments of information can match with a real identity, for example the patterns of the languange used in your google searches, your blogs, tweets, emails, forum discussions (at bitcointalk) can easily be analyzed. Google has been indexing internet for years so they have all data they need. The more sources they got, the more accure they can match different mails, tweets and forum posts with each other, even if the IPs used are completely different (with help of TOR).
One solution for cautious people is of course to use encryption in all communication and never share data at public places (never writing posts at forums like this). I guess guys like Satoshi change their language pattern in forums and mails so they can remain anonymous.
http://ra.fnord.at
Don't forget to use the TWO virtual machine method, disable js and plugins, check ssl certs, don't accept bad ones.
What do you mean with 2 virtual machines?
Quote
Don't forget Govt monitors darkweb too..
Government suits monitoring darkweb is like staring at Goatse image all day long and being paid for it. They cannot do much about information in darkweb. Unless someone does something unimaginably stupid.
Don't forget to use the TWO virtual machine method, disable js and plugins, check ssl certs, don't accept bad ones.
What do you mean with 2 virtual machines? 
Quote
https://www.torproject.org/docs/faq-abuse.html.en
"Tor aims to provide protection for ordinary people who want to follow the law."
What a hypocrisy. In same time they say it is meant for chinese and iranian dissidents as a tool to help break Chinese or Iranian law."Tor aims to provide protection for ordinary people who want to follow the law."
Of course it is common sense not to write on official homepage that the Tor is meant to enable childporn, drug trade, hacking and such communications and show middle finger to government censorfags.
There is no VPN that does not save session logs or financial data that can be used to trace you. Many hackers have fallen to this trick. Being offshore means nothing. Combining Tor + VPN is less secure than Tor alone or combining Tor + hacked WiFi in another part of city. Because VPN is more likely to closely watch the traffic (and save Tor traffic timings) compared to regular ISP (it depends from country and ISP).
Quote
Don't forget Govt monitors darkweb too..
Government suits monitoring darkweb is like staring at Goatse image all day long and being paid for it. They cannot do much about information in darkweb. Unless someone does something unimaginably stupid. 
For what it's worth, hackers who work for the government laugh at people who say TOR is secure and anonymous.
what about the us goverment who still tries to shut down silkroad for 2 years but cant...
Here's what I find dumb about the govt not liking Bitcoin. The average idiot will leave massive trails when hiring a hit man or buying drugs. MUCH more than cash.
Wrong the govt USES the dark web and hence never attacking it. Don't forget to use the TWO virtual machine method, disable js and plugins, check ssl certs, don't accept bad ones.
https://www.torproject.org/docs/faq-abuse.html.en
"Tor aims to provide protection for ordinary people who want to follow the law."
It's safe and secure as long as you are not doing illegal things. If you need more privacy and security,
Use VPN + TOR or
VPN (That doesn't saves logs) + TOR on a offshore VPS.
+
Don't forget Govt monitors darkweb too..
"Tor aims to provide protection for ordinary people who want to follow the law."
It's safe and secure as long as you are not doing illegal things. If you need more privacy and security,
Use VPN + TOR or
VPN (That doesn't saves logs) + TOR on a offshore VPS.
+
Don't forget Govt monitors darkweb too..
How exactly do they compromise your CA store?
The do it with radio waves coming from black helicopters. They also disable bad node detection mechanism in Tor if the computer is not shielded with tin foil.Tor is not trustworthy, it is not safe to use for anything at all.
Many exit nodes are currently SSLstripped.
Many exit nodes are currently SSLstripped.
I welcome you to start modifying traffic going trough Your Tor exit node. Will see what happens. The conclusions from this experiment will make you feel a little bit better.
How exactly do they compromise your CA store?
Tor is not trustworthy, it is not safe to use for anything at all.
Many exit nodes are currently SSLstripped.
Many exit nodes are currently SSLstripped.
For what it's worth, hackers who work for the government laugh at people who say TOR is secure and anonymous.
Tor is as secure and anonymous as it can be. Reasons for this myth:1. Hackers who work for government usually are total noobs and assholes. They get caught in first place before being "converted" to white hats. This fact alone speaks about their overall security proficiency.
2. Because they are such a lamers they cannot distinguish anonymity from security. They think that traffic being sniffable by exit node means "Tor is not anonymous".
3. They cannot do much about Tor being used for thing they cannot control. They spread FUD in hope that few will eat this bullshit.
Tor is not trustworthy, it is not safe to use for anything at all.
Many exit nodes are currently SSLstripped.
Many exit nodes are currently SSLstripped.
You are supposed to disable plugins and javascript.. Or yes facebook and google will know exactly who you are
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
For what it's worth, hackers who work for the government laugh at people who say TOR is secure and anonymous.
Are you a hacker who works for the government? How would you know this? Are you laughing right now?
Are you a shill for CoinGator? How would you know they're not a scam? Are you laughing right now?
Jump to: