Slashdot Mirror
The Drawbacks of Anonymous Surfing
BlueCup writes to tell us that one reporter decided to give anonymous web surfing a shot, and found it to be much more trouble than it was worth. Many users take advantage of Tor and other anonymous web browsing tools, but is the amount of hassle worth the effort it takes to remain anonymous?
If you have a few seconds, download Torpark and try it out. It shouldn't take more than half a minute and is Firefox based and pretty much automated.
And if you're worried about having to put Torpark on every machine you use, just put it on a very small USB thumbdrive on your keychain. Plug it into whatever computer you're using and browse the thumbdrive. Double click and go -- no need to worry about leaving personal information on your friend's computer. The application itself is very tiny so it would fit on even very cheap USB drives and there's a Thunderbird extension for it. I was at a conference once and got a free 512MB thumbdrive. I sharpied it as Torpark and now I can serf anonymously if I need to.
The only hassles I can find is that I have it set to not cache anything at all which means sites don't load as fast when I revisit them normally on my desktop. Also, the Tor servers can sometimes be slow to forward packets or the German ranged IP address it masks me with will cause a page to render in German. Oh gut, das ist wert es wohl.
My work here is dung.
The "concept" has nothing to do with the speed. The state of the tor network at a given time is what influences the speed.
Lots of times you'll wind up with an exit node halfway around the world. So if you connect to a site down the street, the traffic has to go to Germany and back. Sucks, but it's the price you pay for a potentially large benefit. Whether or not it's worth it depends on what you're doing.
It can be slow when first starting if it hasn't found good nodes yet. Once it does though speed can pick up... once I was torrenting over tor and I got 100kb/s at one point.
You're not supposed to tunnel BitTorrent over Tor. That slows the network down for everybody, including those who have a need for anonymity for legitimate than getting the latest movie flick.
"Oppression and harassment is a small price to pay to live in the land of the free." -- Montgomery Burns.
I just encrypt my entire /home partition. Its another way to help.
The "hassles" he talks about are mostly the lost convienences of cookies and the occassional site that doesn't work w/out cookies.
Seriously.
That about sums up his complaints.
I'm not terribly impressed by the issues he discovered while using an anonymizing service.
[Fuck Beta]
o0t!
Tor's not a real hassle to use, but it is slow (just like FreeNet is), and always will be.
To use Tor, simply install it, then tell your browser (or privoxy proxy) to use the socks proxy on port 9050 (or wherever). Nothing much can be done about the sluggish latency and low bandwidth, though, because for true anonymity to work you just HAVE to relay through a certain random number of random nodes of various quality. So instead of taking 15 fast intra-country hops to reach Google, it might take 100+ hops all over the globe and back, with each hop being another weak link in the chain.
Speed is the #1 reason I don't use Tor much... except for the rare occasion when I need to upload beheading videos^W^W^W send ransom notes^W^W^W troll IRC^W^W hide p2p downloads^W^W^W research something privately.
Power to the Peaceful
what forensic traces are left on YOUR machine.
It's about what trace you leave across the Internet/Googlesphere/SkyNet.
"Flyin' in just a sweet place,
Never been known to fail..."
You can make Tor very easy to use with any application (on Windows or other VMWare/OpenVPN supported OS) with JanusVM:
http://januswifi.dyndns.org:85/
When you start the Windows VPN connection to the VMWare virtual machine that PPTP network becomes you default route. All DNS lookups, http requests, and other TCP traffic is now transparently routed through Tor. Simply disconnect the VPN to terminate anonymous onion routing...
Also see the user documentation: http://januswifi.dyndns.org:85/Instructions.htm
Transparent proxy avoids many common problems with explicit SOCKS configuration and DNS leaks. Worth a look...
Yeah, except that anyone in the area with a little knowhow and a WiFi enabled laptop can read any unencrypted information you're transferring (which, in a lot of cases can include passwords). Most anonymising services have built in encryption.
Plus, using someone elses WiFi without permission is a grey area legally.
I don't know why you would delete cookies when you're done, rather than prevent them in the first place.
I prefer to block all cookies, then set exceptions for the sites I need to login to. It's pretty easy to do in Firefox, especially if you block-by-default and install Permit Cookies. With that extension, just press Alt-C when you actually want to allow a cookie.
You end up with 10-20 cookies that you really want, and none that you don't want. Easy to manage.
Sure, he deleted his cookies when he was done (I do too) but he never removed all his cache files which could be used to track you. Yes, this will increase the time it takes for a page to load but since apparently everyone but me uses a high-speed connection, waiting that extra half second doesn't seem to be that much of a hassle.
Couldn't the cahce and cookies just be located on a temporary encrypted filesystem? Just use your favorite harddisk/folder encryption utility, generate a cryptographically secure random key for each browsing session, mount the encrypted drive, format it, and use it for the browser cache. There's no reason to limit performance when cryptography can render the cache unrecoverable. There's no point in hiding the fact that you're using Tor by not leaving encrypted cache data on the disk, since anyone watching the network already knows that Tor is being used.