Pages:
Author

Topic: Use of TOR Browser for Bitcointalk (Read 772 times)

legendary
Activity: 2268
Merit: 18711
November 27, 2019, 04:16:04 AM
#44
-snip-
No. Tor and VPNs are not that similar, and VPNs are poor choice for general privacy reasons. .onion sites are on the dark web, not the deep web - the terms are not synonymous. Using Tor alone does not provide anonymity by any means, for example if your OS is spying on you or your computer is infected with malware.

I would suggest reading the other posts in this thread before replying.
member
Activity: 196
Merit: 30
November 26, 2019, 11:01:47 PM
#43
I am currently using Firefox but i want to use TOR browser to login Bitcointalk. Is it safe to use TOR browser as i heard it is a dark web browser where hackers can hack our credentials and information ?


The TOR network is similar to a VPN. Messages to and from your computer pass through the Tor network rather than connecting directly to resources on the Internet. But where VPNs provide privacy,
And you can also visit .onion( Deep net ) website through Tor browser
It means Tor provides anonymity,

hope you understand what is TOR  Grin
sr. member
Activity: 1015
Merit: 289
November 26, 2019, 10:34:38 AM
#42
If you are worried about a three letter agency having the resources to be able to set up and maintain enough Tor entry guards that you are likely to use one (and enough Tor exit nodes to be able to deanonymize your traffic), then said agency is not going to be stopped by a $5 a month VPN provider.

That's not an assumption I'd necessarily make. With Tor, you're getting a "random" Tor node, weighted to favor high-bandwidth nodes and by other factors.  If you choose a VPN in a trustworthy country, with a trustworthy record, then that's potentially safer. Attacks to covertly fill Tor with attacker nodes have been done in the past (see section 5.1 for the most interesting info). Attackers don't need to get anywhere near filling Tor 50% with their nodes, since you pick random nodes all the time: just 2 attacker nodes can be enough, though with low probability.

Also, Tor is fundamentally a centralized network: you can't be a Tor node on the mainnet Tor network without the approval of the Tor directory authorities. The authorities are run by people associated with, and using rules largely set by, the Tor Project. I don't know if I really believe this, but considering how weak Tor is compared to the state-of-the-art research and how poorly-thought-out the Tor Project's overall strategy has tended to be, I've thought that Tor could be an incredibly subtle "controlled opposition" operation. It wouldn't be necessary to control every single person in the Project, just influence things enough to make progress in less important rather than more important directions, slightly bias directory authorities in sane-looking ways which actually help attackers, etc. (I admit that this is quite the conspiracy theory.)

The term "conspiracy theory" is itself a psyop invention, a magic expression designed to have the power of aborting any discussion just by introducing the dogmatic judgement that someone is a paranoic crackpot, thus unabler to think clearly. Apart from this, I agree on everything. In fact, if THEY CAN infiltrate and control the Tor project, why wouldn't they actually do it? If they can, be sure that they will do it - or more likely, that they've already done it.
legendary
Activity: 2212
Merit: 7064
November 25, 2019, 05:13:46 PM
#41
I won't be in the slightest bit surprised if Microsoft announce in, say, 3-4 years:

"terribly sorry kids, it seems we were accidentally recording every keystroke and capturing from your webcam 24/7 anyway, some pesky bug!". I expect some people might actually buy that line a couple times before they finally figure out what Microsoft are really saying

Maybe,
but I think much greater danger are Smartphones.
Google is collecting much more information than Microsoft could ever imagine.
That includes your location, voice and text conversations, and who knows what more...
legendary
Activity: 2268
Merit: 18711
November 25, 2019, 04:31:15 PM
#40
-snip-
I mean, even although it's common knowledge that Google stick their noses in to every single aspect of your lives if you give them even half a chance, they still manage to have a few "accidents" along the way:

Oops, we've accidentally be recording and listening to your conversations!
Silly us, we've accidentally been examining the traffic from your WiFi networks.
We even forget to tell you we hide microphones we don't tell you about inside our hardware! We are such airheads!

And yet Chrome remains the most popular web browser by far, Google remains the most popular search engine by far, Android remains the most popular mobile OS by far, and people continue to be more than happy to pay for the privilege of bugging their own homes with devices which are spying on them.

I'm fairly sure that if Microsoft did come out with something like that, it would be forgotten within a week and wouldn't hurt their bottom line whatsoever.
legendary
Activity: 3430
Merit: 3080
November 25, 2019, 04:14:29 PM
#39
even with Windows 10 heavily customized to minimize telemetry and monitoring

I won't be in the slightest bit surprised if Microsoft announce in, say, 3-4 years:

"terribly sorry kids, it seems we were accidentally recording every keystroke and capturing from your webcam 24/7 anyway, some pesky bug!". I expect some people might actually buy that line a couple times before they finally figure out what Microsoft are really saying
legendary
Activity: 2268
Merit: 18711
November 25, 2019, 03:26:01 PM
#38
I mean, it works, but that's irrelevant if Microsoft are listening to everything that's happening at the OS's end.
Pretty much this.

I've talked about this a couple of times before, and I'll quote one of my previous replies below with links to some interesting articles. Basically even with Windows 10 heavily customized to minimize telemetry and monitoring, it still monitors way more than is reasonable.

I sometimes use Tails from a removable drive, but I wouldn't recommend using it as your standard all-the-time OS. Better to choose something like Ubuntu or Linux Mint. You can always set up a dual boot as well so you can return to Windows as needed if you can't get something working properly on Linux.


Even if you turn off all tracking and telemetry features, Windows 10 still tries to phone home a staggering 5,500 times in 8 hours. The additional use of third party tools designed to stop this did help a bit, but these researchers still reported 2758 connections in 30 hours.

Other researchers have similarly found that even when you disable Windows 10 features like Cortana, it is still logging your activity and sending it to Microsoft.
legendary
Activity: 3430
Merit: 3080
November 25, 2019, 02:58:01 PM
#37
What do you guys think about using TOR from Windows 10?, compared to Win 7, Ubuntu, or even Tails?
Is it bad to run TOR on Win 10? Dangers?

well, seeing as Microsoft have taken to telling everyone "We spy *ahem* collect data from everything you do on Windows!!", I don't think you have much of a guarantee that Tor Browser is secure on Windows. I mean, it works, but that's irrelevant if Microsoft are listening to everything that's happening at the OS's end.


I'm barely tech savvy enough to make Tails work, I'm ashamed to admit.. It's always something that doesn't work right...
I had an old version of tails and remember it being "better" from my perspective as in it just worked and worked right every time without a bunch of messing around compared to the new one, which doesn't like being installed on something not "removable", bunch of glitches like pixilated screens when loading, and internet adapter problems, can't even get the Ethernet to work on my Alienware with Tails much less wifi for some reason but works if I boot it on some other computers.. It doesn't even work the same way consistently it seems..

sounds like that one laptop doesn't have drivers for its network devices in standard Tails. This can be worse for new hardware, as Linux devs just haven't gotten round to adding support for brand new devices yet. Which means using older hardware is more likely to work without having to go to extra lengths


Qubes OS + Whonix is like out of my league..
I tried putting Qubes on a portable HDD recently actually and couldn't even get it to boot and gave up immediately, lol..

You need specific features on your CPU for latest Qubes (VT-d and SLAT, or the AMD equivalent of those).

Best thing is to base your choice of computer around Linux for a Linux machine (same especially goes for non-standard peripherals, such as printers, research models that are known to work with Linux before buying).
legendary
Activity: 2296
Merit: 2262
BTC or BUST
November 25, 2019, 02:17:44 PM
#36
If Tor was only used for illegal activities as you suggest, then no one would use it as doing so would make it blatantly obvious that you were doing something illegal. Plenty of people use Tor all the time for a variety of reasons. Furthermore, the deep web is accessible from any browser, it just isn't indexed. It is not synonymous with the dark web. Saying Tor is a risk because you could download malware from the dark web is the same as saying owning a phone is a risk because a scammer might call you.
This is basically what I was trying to say..


What do you guys think about using TOR from Windows 10?, compared to Win 7, Ubuntu, or even Tails?
Is it bad to run TOR on Win 10? Dangers?

I'm barely tech savvy enough to make Tails work, I'm ashamed to admit.. It's always something that doesn't work right...
I had an old version of tails and remember it being "better" from my perspective as in it just worked and worked right every time without a bunch of messing around compared to the new one, which doesn't like being installed on something not "removable", bunch of glitches like pixilated screens when loading, and internet adapter problems, can't even get the Ethernet to work on my Alienware with Tails much less wifi for some reason but works if I boot it on some other computers.. It doesn't even work the same way consistently it seems..

Ugh.. It's not my thing I guess, IDK.. I think I kinda understand the ideas behind it but suck at actually doing it and dealing with all the bugs in almost any linux I have ran..

Qubes OS + Whonix is like out of my league..
I tried putting Qubes on a portable HDD recently actually and couldn't even get it to boot and gave up immediately, lol..
hero member
Activity: 1932
Merit: 535
Leading Crypto Sports Betting & Casino Platform
November 25, 2019, 12:23:26 PM
#35
I am currently using Firefox but i want to use TOR browser to login Bitcointalk. Is it safe to use TOR browser as i heard it is a dark web browser where hackers can hack our credentials and information ?
Hackers can hack our credentials from chrome, firefox , IE as well. The onion router TOR is mainly used to remain anonymous while you go on internet.
legendary
Activity: 1414
Merit: 1808
Exchange Bitcoin quickly-https://blockchain.com.do
November 25, 2019, 06:12:16 AM
#34
Someone could definitely make something much better, though.

I bet you could, I also bet I couldn't understand it if you were the architect
legendary
Activity: 3430
Merit: 3080
November 25, 2019, 05:50:19 AM
#33
Qubes OS + Whonix is a pretty good alternative compared to just using the Tor browser on Windows.

I've been using Qubes as my main OS for years now.

I take advantage of the structuring of the VM's to make it less likely that I make human error de-anonymization mistakes when using Tor. I use a disposable whonix VM with the Tor Browser for alot of my web access, especially just general browsing around, and have the Noscript plugin defaulting to javascript being completely off.

All the VM's have colored window borders, so it's quick and easy for me to see when I'm using a VM that's connected by clearnet, or through the whonix Tor gateway.

and the standard whonix gateway is configured to use different routes for different VMs, and also to use Torsocks with various commands (e.g. wget) that aren't designed to use Socks proxies.


There is also I2P alternative for TOR, but it needs more development.

I2P would be nice if:

  • the main client wasn't Java based. The JVM itself has been a security disaster for years now
  • the alternative C++ client was being developed by people who don't write in the Cyrillic alphabet. Trying to figure out their github repo is nightmarish, who knows what's going on?

I like the idea of I2P in principle, not so sure about the reality just yet


Unlike Tor, you can't access regular website/domain with I2P.

There should be ways to bridge out of I2P and back in again. Bitcoin is set to add a new IP announce format with a field designed to be big enough for v3 Tor hidden services and I2P hidden service IP formats (as well as CJDNS)


legendary
Activity: 2268
Merit: 18711
November 25, 2019, 05:48:39 AM
#32
since you pick random nodes all the time
I wouldn't say "all the time". Sure, you pick new middle and exit nodes randomly every 10 minutes, but the average lifespan of an entry guard is 120 days, so unless an entry guard loses its guard status or is attacked and taken offline, you will only choose 3 new entry guards a year. An attacker would also have to bring down every guard on your guard list before you would connect to a brand new guard.

TOR Browser is only used by people who really need it, not for ordinary people who use an ordinary brochure. Tor may not be an option for laypeople to use, because it is associated with a risk that threatens the Dark Web or the Deep Web.
This is nonsense, and is essentially the "Why worry about privacy if you have nothing to hide" argument. If Tor was only used for illegal activities as you suggest, then no one would use it as doing so would make it blatantly obvious that you were doing something illegal. Plenty of people use Tor all the time for a variety of reasons. Furthermore, the deep web is accessible from any browser, it just isn't indexed. It is not synonymous with the dark web. Saying Tor is a risk because you could download malware from the dark web is the same as saying owning a phone is a risk because a scammer might call you.
legendary
Activity: 2212
Merit: 7064
November 24, 2019, 07:11:07 PM
#30
There is also I2P alternative for TOR, but it needs more development.
https://geti2p.net/en/comparison/tor

If someone wants to be totally anonymous only way is to stop using smartphones and social networks with google and youtube.
Question is, how many people are willing to do that?

Interesting websites with alternatives you can use to reduce tracking:
https://prism-break.org/
https://www.privacytools.io/
legendary
Activity: 3472
Merit: 1722
November 24, 2019, 06:30:56 PM
#29
You don't even need to install and run TOR to access .onion "scary deep web" links, you can view them with about any browser if you want to by changing the .onion to something I forget..

"Whenever you see a URL like http://duskgytldkxiuqc6.onion/, that's a Tor Onion service. Just replace .onion with .onion.to or .onion.city or .onion.cab or .onion.direct or any other domain made available by volounteers Tor2web operators Example:" https://www.tor2web.org/

Terrible for privacy and you have to trust the gateway owner not to manipulate any content he's serving you.

What it would do for you using TOR to login and browse BitcoinTalk is not let BTCT know your real IP, but only if you NEVER use your real IP on that account you logged into, or they gotcha..

Or to avoid informing your ISP to which domains you're connecting to.

legendary
Activity: 2296
Merit: 2262
BTC or BUST
November 24, 2019, 06:08:03 PM
#28
You don't even need to install and run TOR to access .onion "scary deep web" links, you can view them with about any browser if you want to by changing the .onion to something I forget..

"Whenever you see a URL like http://duskgytldkxiuqc6.onion/, that's a Tor Onion service. Just replace .onion with .onion.to or .onion.city or .onion.cab or .onion.direct or any other domain made available by volounteers Tor2web operators Example:" https://www.tor2web.org/

So TOR is not some dangerous to run scary deepweb monster.. You can also use TOR to (more) anonymously browse the regular internet and maybe read some things that you wouldn't want anyone to know you were studying..
Like reading wikipedia articles on Democracy from China..


I see no reason not to try TOR out as you would use any browser, just don't do anything illegal and your fine to try it..

What it would do for you using TOR to login and browse BitcoinTalk is not let BTCT know your real IP, but only if you NEVER use your real IP on that account you logged into, or they gotcha..
legendary
Activity: 3472
Merit: 1722
November 24, 2019, 05:56:17 PM
#27
but there are many known attacks which can be used against Tor, plus possible 0-days against the browser, so you can never feel 100% anonymous.

Qubes OS + Whonix is a pretty good alternative compared to just using the Tor browser on Windows.

Also, even if you treat Tor as perfect, it's really difficult to remain consistently anonymous; for example, you might via Tor use the same email address to order something shipped to you as you use to speak out against your oppressive government, and that's a link that can be exploited. Even though Tor is pretty flawed, being far behind state-of-the-art research, it's these non-Tor anonymity failures which almost always get people. This was the case for Ross Ulbricht, for example. As I always say: if you think that you're perfectly anonymous, then you're wrong. Think of even the best anonymity tech as a light bulletproof vest which will increase your survivability a bit, not as an impenetrable wall.

Ross Ulbricht made some pretty bad mistakes, if anything it's more of a surprise why he wasn't caught sooner. But some have been caught by things as seemingly innocuous (to an average person) as their writing style that could be connected to their real identity.
administrator
Activity: 5222
Merit: 13032
November 24, 2019, 05:38:58 PM
#26
Is there any alternative to navigate anonymously as good as TOR?

Not really, Tor's the best there is currently. Someone could definitely make something much better, though.
hero member
Activity: 1232
Merit: 669
November 24, 2019, 05:27:31 PM
#25
snip

I thought you could be a TOR node in a decentralized way, I was wrong.
Is there any alternative to navigate anonymously as good as TOR?
No VPN, No Proxy.

Pages:
Jump to: