Ask Slashdot: Alternatives To Tor Browser Bundle For Windows?

← Back to Stories (view on slashdot.org)

Ask Slashdot: Alternatives To Tor Browser Bundle For Windows?

Posted by timothy on Sunday May 8, 2011 @05:50AM from the send-your-answer-via-smart-missile-please dept.

SonnyJim writes "I frequently use Tor for my anonymous browsing needs, via the Tor Firefox bundle for Windows. I noticed that there are many other applications out there that use Tor as a proxy as well (Janus VM, ChrisPC, etc.) Are any of them more secure than the original Tor bundles, or am I just wasting my time trying these other applications? Is there anything more secure than Tor, as far as anonymous browsing goes?"

125 of 201 comments (clear)

Min score:

Reason:

Sort:

Tor by x*yy*x · 2011-05-08 05:50 · Score: 5, Insightful

I personally find it funny when people use Tor and then leave behind the same cookies, the same user-agent, LSO and Flash cookies, same system configuration, same screen size, same fonts, same installation and versions of plugins, same MAC address, don't change DNS servers and countless amount of other things that make it very easy to identify your other activity or what you're doing. Especially to Google via Google Analytics.

Nevermind also that half of the TOR network end nodes are monitored and sniff your traffic and can modify your browsing session in various ways. Just imagine the fun when you happen to use an end node that serves you a drive-by download exploit instead of the page you requested.
1. Re:Tor by clang_jangle · 2011-05-08 05:58 · Score: 3, Interesting
  
  I personally find it funny when people use Tor and then leave behind the same cookies, the same user-agent, LSO and Flash cookies, same system configuration, same screen size, same fonts, same installation and versions of plugins, same MAC address, don't change DNS servers and countless amount of other things that make it very easy to identify your other activity or what you're doing. Especially to Google via Google Analytics.
  
  Nevermind also that half of the TOR network end nodes are monitored and sniff your traffic and can modify your browsing session in various ways. Just imagine the fun when you happen to use an end node that serves you a drive-by download exploit instead of the page you requested.
  You have some good points, though some of those concerns are easily addressed in your privoxy config. I use tor regularly BTW, and am impressed with its performance compared to a few years ago. I don't drink the kool-aid, but between privoxy and tor you can certainly avoid being tracked by all but the most devoted bad guys. However, if someone competent is targeting you specifically you're screwed no matter what you use, unless you're an uberhacker with access to some heavy hardware.
  
  --
  Caveat Utilitor
2. Re:Tor by WrongSizeGlass · 2011-05-08 05:58 · Score: 2
  
  Nevermind also that half of the TOR network end nodes are monitored and sniff your traffic and can modify your browsing session in various ways. Just imagine the fun when you happen to use an end node that serves you a drive-by download exploit instead of the page you requested.
  At least it will arrive securely and anonymously - and isn't that what it's really all about? ;-)
3. Re:Tor by Anonymous Coward · 2011-05-08 05:59 · Score: 4, Informative
  
  I personally find it funny when people use Tor and then leave behind [...]same MAC address, don't change DNS servers [...]
  Proof that you know less about this than you think you do. MAC addresses become irrelevant after the first network layer hop or an application layer gateway like TOR. Also TOR acts as a socks 5 proxy and will resolve names for you, again the the DNS settings are irrelevant.
4. Re:Tor by cdp0 · 2011-05-08 06:01 · Score: 5, Informative
  
  Use TorButton then (the Windows bundle includes it IIRC). AFAIK it solves most of the problems you mentioned. If you are using Firefox 4 then you need the alpha version from here.
  Add to that BetterPrivacy, and you should be much harder to track.
5. Re:Tor by 93+Escort+Wagon · 2011-05-08 06:06 · Score: 4, Funny
  
  I personally find it funny when people use Tor and then leave behind the same cookies, the same user-agent, LSO and Flash cookies, same system configuration, same screen size, same fonts, same installation and versions of plugins, same MAC address, don't change DNS servers and countless amount of other things that make it very easy to identify your other activity or what you're doing.
  
  I solved this problem simply by finding out what your user-agent, LSO and Flash cookies, system configuration, screen size, fonts, plugins, MAC address, and default DNS servers were. Now whenever I'm on Tor I pretend to be x*yy*x - so I'm golden.
  
  --
  #DeleteChrome
6. Re:Tor by x*yy*x · 2011-05-08 06:08 · Score: 2
  
  DNS resolving depends on settings. You're correct about MAC addresses, but it's good to remember them too since they are still somewhat relevant if you really want good anonymity.
7. Re:Tor by Hazel+Bergeron · 2011-05-08 06:14 · Score: 3, Insightful
  
  Except, of course, if you're running wireless. Then MAC addresses are recorded by various data gatherers and used, among other things, for that Google location guesser thing.
  Of course, it's OK if you never speak wireless in the clear and always use an encryption protocol which will never be found insecure in the future.
8. Re:Tor by icebraining · 2011-05-08 06:18 · Score: 2
  
  DNS resolving depends on settings.
  
  TorButton - included in the bundle - configures Firefox to use Tor for DNS (using the SOCKS proxy).
  
  --
  Dilbert RSS feed
9. Re:Tor by ibsteve2u · 2011-05-08 06:18 · Score: 2
  
  I don't drink the kool-aid, but between privoxy and tor you can certainly avoid being tracked by all but the most devoted bad guys. However, if someone competent is targeting you specifically you're screwed no matter what you use, unless you're an uberhacker with access to some heavy hardware.
  Didn't you know? Is "the good guys" doing the most tracking these days.
  
  lolll..and as a rule you're paying them to watch you.
  
  --
  Orwell: "In a Time of Universal Deceit, telling the Truth is a Revolutionary Act"
10. Re:Tor by clang_jangle · 2011-05-08 06:23 · Score: 1
  
  Sounds like you're confused. There are no "good guys" trying to track me, only pragmatic reasons I might chose to allow some limited tracking for some limited time (like for street navigation). The "bad guys" are by definition whomever is trying to track you.
  
  --
  Caveat Utilitor
11. Re:Tor by burni2 · 2011-05-08 06:26 · Score: 3, Interesting
  
  But mostly you can identify tor-users which are not having all plugins switched off, by a java applet which acts as a beacon* , also if you have switched it off in your Firefox, it get's reactivated by every juscheded update ;)
  But I also want to point the attention to the lately added
  local web storage in the current generation of browsers, like Opera and doing a picture search in opera and just check the link of the thumb nail you will be interested So the question is how long will it take till it get's abused for traking
  "data:image/jpg;base64,/.*CONTENT*."
  *(udp connection, even through DNS/53 port some PSFs don't catch outgoing connection on this port and won't bring the fact to your attention)
12. Re:Tor by lostthoughts54 · 2011-05-08 06:39 · Score: 3, Interesting
  
  what he means is the old good guys are our new bad guys. and good guy doesn't exist anymore, only you vs. them.
13. Re:Tor by Anonymous Coward · 2011-05-08 06:50 · Score: 1
  
  That's not true either. No matter what OS you are running there is a way to present an incorrect MAC address (ideally you should use a different one every time you log in - generated randomly). Since it is a gigabit+ address space and is only used locally, just use a random 48 bit number. The protocol stacks just want a locally unique 48 bit number. Chance of replicating a local address is approximately zero.
  This is one reason wireless MAC filtering is weak protection. It is trivial to spoof a wireless MAC address and a wireless network traffic can be monitored (for legal MAC addresses).
14. Re:Tor by vlm · 2011-05-08 07:08 · Score: 1
  
  I personally find it funny when people use Tor and then leave behind the same cookies, the same user-agent, LSO and Flash cookies, same system configuration, same screen size, same fonts, same installation and versions of plugins, same MAC address, don't change DNS servers and countless amount of other things that make it very easy to identify your other activity or what you're doing.
  If someone is trying to block web browsing by installing a cruddy blocker or whatever, but are not smart enough to block tor connections (think, hotel, restaurant, etc) then tor is a massively overcomplicated proxying solution.
  
  --
  "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
15. Re:Tor by Opportunist · 2011-05-08 07:16 · Score: 1
  
  ...for different definitions of "good"...
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
16. Re:Tor by kwark · 2011-05-08 07:19 · Score: 1
  
  By using TOR directly your browser may be giving away clues to your identify. By using privoxy some identity stuff may get filtered but instead you may be leaking information by DNS (especially if you are on an untrusted network). Torifying UDP is IMHO a PITA.
17. Re:Tor by ibsteve2u · 2011-05-08 07:55 · Score: 2
  
  Might, perhaps, have been best to leave out the adjective "bad", which implies the existence of "good" and so leads those of us who are foolish enough to take someone literally into hypothesizing the existence of an anode in their cathode-only universe.
  
  --
  Orwell: "In a Time of Universal Deceit, telling the Truth is a Revolutionary Act"
18. Re:Tor by Weezul · 2011-05-08 07:58 · Score: 1
  
  It's called the tor "browser bundle" for a reason. You never use your default browser under Tor.
  Yeah, end node sniffing must be addressed through https-everywhere or a vpn of course.
  
  --
  The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
19. Re:Tor by jvillain · 2011-05-08 08:35 · Score: 1
  
  Once some one has your mac address (assuming they have the real one) they know the manufacturer of your device. From there they can figure out where it was sold and they tie that to a credit card or bank card if you didn't pay cash. If they can tie your mac to some where that you signed up for an account you are also fingered. Every where you go on line no matter how you got there leaves a trail of things that quickly narrow the field of candidates. Your crazy if you think there is anonymity on line.
20. Re:Tor by Anonymous Coward · 2011-05-08 08:57 · Score: 4, Informative
  
  Easy to fix when you use user agent switcher, ghostery, better privacy, noscript, google sharing, cloned mac addresses and torbutton.
  Check out http://www.decloak.net to see how anonymous you are.
  It's hard to beat Tor for anonymous public web browsing, but i2p is already a better darknet.
21. Re:Tor by flowwolf · 2011-05-08 09:04 · Score: 1
  
  No. They're not relevant. Your mac address isn't part of the tcp/ip at all. Hell its not even part of the network layer. Its a layer 2 protocol. It will only ever show up to systems on the same subnet and shouldn't even be considered regarding wide internet anonymity. Also, did you know that about half of statistics are made up on the spot?
22. Re:Tor by smellotron · 2011-05-08 09:09 · Score: 2
  
  Once some one has your mac address (assuming they have the real one) they know the manufacturer of your device. From there they can figure out where it was sold and they tie that to a credit card or bank card if you didn't pay cash.
  
  Are you telling me that if I tell you 00:50:ba:* you can identify where I bought my NIC? And you can tie it to my credit card? You must be a spook in full collusion with D-Link (for the credit card and inventory records), in which case the mac address reveal is probably the least of my worries. If you look in my windows while you're wardriving, you might even see me, too!
23. Re:Tor by causality · 2011-05-08 09:16 · Score: 1
  
  Might, perhaps, have been best to leave out the adjective "bad", which implies the existence of "good" and so leads those of us who are foolish enough to take someone literally into hypothesizing the existence of an anode in their cathode-only universe.
  Why would you want to accommodate foolishness and make it more comfortable? It doesn't lead to fewer fools.
  
  --
  It is a miracle that curiosity survives formal education. - Einstein
24. Re:Tor by causality · 2011-05-08 09:29 · Score: 1
  
  By using TOR directly your browser may be giving away clues to your identify. By using privoxy some identity stuff may get filtered but instead you may be leaking information by DNS (especially if you are on an untrusted network). Torifying UDP is IMHO a PITA.
  The solution is to configure your browser to not provide such information in the first place, even when you're not using Tor. Those few cookies etc. you may need to use certain sites can be limited to a handful of specific sites and made quite temporary in nature.
  I never saw any good reason why HTTP Referrers and user-agent headers were ever included in the HTTP spec in the first place. The first is extraneous information and the second is contrary to a Web based on open standards (and tends to help malicious sites know which exploits to use). Both of those are easily removed or faked as well. I like to use the RefControl add-on to always give a site its own main page as the referrer.
  
  --
  It is a miracle that curiosity survives formal education. - Einstein
25. Re:Tor by blincoln · 2011-05-08 10:35 · Score: 2
  
  "I never saw any good reason why HTTP Referrers and user-agent headers were ever included in the HTTP spec in the first place. The first is extraneous information and the second is contrary to a Web based on open standards (and tends to help malicious sites know which exploits to use)."
  The referrer is useful for a number of reasons. Beyond the obvious one (statistical information), this is helpful for setting up mechanisms to help prevent people hot-linking to images (or other content) on your site. For people who have transfer caps or surcharges, it's really frustrating to have a significant part of that taken up by people who hot-link to your images for use as forum icons or other heavily-used things which don't benefit your site in any way.
  re: the user-agent header - just because the web is supposedly based on open standards doesn't mean users should all get the same content. Ideally they should all be able to *choose* to access the same content, but most people are going to be happier if a website detects that they're using a smartphone and sends them a version of the content optimized for display on a smaller screen.
  
  --
  "...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
26. Re:Tor by Jane+Q.+Public · 2011-05-08 11:04 · Score: 2
  
  Which is exactly why, if you REALLY want to be "anonymous", you simply spoof your IP and MAC addresses (ridiculously easy to do in most cases) and use somebody's open wifi.
27. Re:Tor by Jane+Q.+Public · 2011-05-08 11:08 · Score: 1
  
  You're really, really reaching. I would guess that you could actually do this in maybe 1 case out of 10,000. MAC addresses are assigned to the network card manufacturer. They are (often) installed in your computer on a Pacific Island somewhere, and shipped to the United States, where they are then further distributed far and wide.
  
  The odds that anything like your credit card number would be associated with your MAC address, in any place that it could, as a practical matter, be found, is vanishingly small.
28. Re:Tor by SonnyJim · 2011-05-08 11:58 · Score: 1
  
  After all the arguing, debating and name calling, finally an actual answer to the question I asked. Thank you.
29. Re:Tor by mywhitewolf · 2011-05-08 12:00 · Score: 1
  
  That is, unless you register your network cards serial number for warranty, I'm sure manufacturer holds the serial number and mac address tied together on a database somewhere, and now they have your address too. getting your identity from your mac address through purchase history would be all but impossible.
30. Re:Tor by mywhitewolf · 2011-05-08 12:07 · Score: 1
  
  accessing webservices based in https would fix this surely? but if they don't encrypt the exit tor node -> web server then of course it could be caught by a man in the middle attack. even if they get this information however they would be unable to tell where the traffic is coming from up stream of the tor exit node unless there is identifying information in the sent data (like you've entered in your email or some such).
  
  I'm not an expert though so don't take my word for gospel, but AFAIK that's how it works.
31. Re:Tor by Mana+Mana · 2011-05-08 12:58 · Score: 1
  
  Ghostery does LSO, oops! Flash cookies.
32. Re:Tor by Lord+Byron+II · 2011-05-08 13:28 · Score: 1
  
  Kids, play nice or you're both going to have a timeout.
33. Re:Tor by Lord+Byron+II · 2011-05-08 13:36 · Score: 1
  
  The referrer is the wrong way to fix hot-linking. You're attempting to maintain costs by using the user's browser. Instead, you should use your web server. Something like the JPG is only available if the HTML page it is on has been recently requested by the same IP. (I'm basically making a fox guarding the hen house argument.)
  And the user-agent header is the wrong way to fix content issues. The best way would be to supply all of the content to the other browser and let the user decide what format they want to see your site. Or for the browser not to identify itself specifically, but have a more general description of capabilities (such as mobile, small screen, large type, etc). The problem with providing specific browser versions is that website owners tend to over-specialize their content. A few times I have been unable to use a site after I downloaded a new browser since the site didn't recognize the latest version.
34. Re:Tor by MrNaz · 2011-05-08 14:14 · Score: 2
  
  Your referrer solution: This solution would overload web servers quickly, as every object request would require a log file parsing. It would also suffer from the problem that the image may be loaded from a different server than the HTML file. Thus, your solution is fraught with difficulty in both efficiency of hardware use as well as implementation. Also, its stupid.
  Your user-agent solution: So you're saying that my smart phone, which is on a slower network connection, with a lower usage quota should receive both the mobile page AND the multimedia heavy regular page, and then choose which to render? That's massively inefficient and will clog low-power, bandwidth restricted devices. Also, it's stupid.
  
  --
  I hate printers.
35. Re:Tor by Vegemeister · 2011-05-08 16:08 · Score: 1
  
  Bloom filter.
36. Re:Tor by lostfayth · 2011-05-08 17:26 · Score: 1
  
  You're correct.
37. Re:Tor by Miaomiao · 2011-05-08 17:44 · Score: 2
  
  As someone who's worked for years as a web developer: Knowing what browser people are using is 100% needed.
  Mostly, you use it as a priority list as far as what browser bugs you're fixing, it's not as serious now, but I know there's many web developers waiting for IE6 usage to drop below .1% so they can safely ignore it.
  Now, using content headers to "guess" which version of a page to serve up is wrong (you can easily use mobile stylesheets for that) but we're nowhere near that kind of real world application.
38. Re:Tor by MstrFool · 2011-05-08 18:42 · Score: 2
  
  To be honest, I have never really understood that mindset. It only comes into play when you wish to flood the page with all sorts of, glamor. And I mean that word in the sense of distracting effects, sounds and movement. It's only needed for making a big show of it, and IMHO, rather few sites benefit from such things. If your business is selling programs for inserting all kinds of special effects, then your page would likely benefit from using such. But if your site is for disseminating information, then all the bells and whistles rather get in the way. Sites that hide and ap that starts playing audio as soon as you load the page? Come on, your taste in music is not that impressive to the random person stopping in, or loud adds that you can't find to shut them up that interrupt what you are listening to while surfing... It's at best rude. I can only speak for my self, but I closed such pages the instant they started, till I got no-scripts and prevented it that way. I've since found my elf back on some of those sites I remembered dumping before. More then once found that exactly the item I was looking for at a better price then I ended up paying on the site that didn't try to scream in my ear. But if I have to fight the site to get through to what I ant, why should I? If you are more interested in showing off your l33t flash skills then you are in trying to sell your product or service, then I'm likely better off going with a company that feels their product or service information matters more then a flash tag or animation, or vulnerable flash plug in. And before any one takes offense, I am using 'you' in a general term, and not meaning any one personally. Or to sum up my feelings on the subject. I am interested in the contents, not how showy the box looks. And honestly, outside of the catalog or ordering system, how many web sites really need flash or scripts? Many here have typed out full web pages with out tools and fancy plug ins that look every bit as good as the web pages with 30 scripts, 6 java applets and a few flash objects. Don't use a tool simply because you have it, use it only when it's needed and most of those compatibility issues would vanish.
  
  --
  Question reality.
39. Re:Tor by mabinogi · 2011-05-08 20:52 · Score: 1
  
  Your user-agent solution: So you're saying that my smart phone, which is on a slower network connection, with a lower usage quota should receive both the mobile page AND the multimedia heavy regular page, and then choose which to render? That's massively inefficient and will clog low-power, bandwidth restricted devices. Also, it's stupid.
  That would be why he suggested the other option - a capabilities field.
  It amazes me that there still is no capabilities header, despite similar existing for mimetypes and languages....
  
  --
  Advanced users are users too!
40. Re:Tor by MoeDumb · 2011-05-08 23:24 · Score: 1
  
  Good grief. Time to bail on this thread.
  
  --
  Mod Me Up. You'll make a grown man cry.
41. Re:Tor by gravis777 · 2011-05-08 23:57 · Score: 1
  
  Nevermind also that half of the TOR network end nodes are monitored and sniff your traffic and can modify your browsing session in various ways. Just imagine the fun when you happen to use an end node that serves you a drive-by download exploit instead of the page you requested.
  http://www.ipredator.se/
  Problem solved. Also a heck of a lot faster. You just have to pay for it, which I think is a four-letter word on Slashdot
42. Re:Tor by phatphoton · 2011-05-09 00:19 · Score: 1
  
  yes.
43. Re:Tor by mhelander · 2011-05-09 00:30 · Score: 1
  
  In a Time of Universal Confusion, telling things clearly is a Revolutionary Act
44. Re:Tor by ibsteve2u · 2011-05-09 00:57 · Score: 1
  
  In a Time of Universal Confusion, telling things clearly is a Revolutionary Act
  lollll...unless, of course, you're a politician - in which case telling things clearly would be a betrayal of your species.
  
  --
  Orwell: "In a Time of Universal Deceit, telling the Truth is a Revolutionary Act"
45. Re:Tor by syockit · 2011-05-09 01:47 · Score: 1
  
  If he didn't take that nickname, surely the number could've been jackpot.
  
  --
  Democracy is for the people; you only vote once per season and we'll do the rest of the work for you don't have to.
46. Re:Tor by cbiltcliffe · 2011-05-09 12:06 · Score: 1
  
  It's a NIC. Do you really think someone who's so concerned about privacy is going to give a crap about the $12/$35 it'll cost to replace an under warranty wired/wireless NIC _if_ it dies?
  Besides the fact that MAC addresses are not globally unique, regardless that they should be in theory, and the only thing that can track them is the subnet you actually connect to, which isn't discoverable to the TOR exit node......
  This conversation is stupid. MAC addresses are not a privacy issue, unless you're connected to a subnet that you're not supposed to be, and doing something stupid.
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
OperaTOR by webmistressrachel · 2011-05-08 05:52 · Score: 1

The best TOR bundle, includes portability, non-root / admin user required, and no cookies etc. between sessions.
All settings are defaulted safe for Tor.

--
This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
1. Re:OperaTOR by Anonymous Coward · 2011-05-08 06:08 · Score: 2, Informative
  
  Does it have functionality similar to Firefox with TorButton ? Otherwise I assume it offers weaker privacy.
  Btw, according to this link OperaTor is not maintained anymore, and it was replaced by YAPO which does not support Tor.
2. Re:OperaTOR by webmistressrachel · 2011-05-08 06:25 · Score: 1
  
  Damn... on your first point, no it's stronger because it includes Polipo and Privoxy, which route DNS requests over Tor...
  However, despite me using it religiously for years now, you are correct that it's now been deprecated? Why? I don't have to skills to maintain it, and it's something I am sure lots of people have used as their first step to anonymity... it should be maintained. :-(
  
  --
  This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
VPN? by fysdt · 2011-05-08 05:54 · Score: 1

What about a free/paid VPN connection?
1. Re:VPN? by icebraining · 2011-05-08 06:09 · Score: 2
  
  VPN is only one hop between you and any server, so they know both who you are (especially if it's paid), what IPs you connect to and any unencrypted traffic.
  If you trust them more than your ISP, sure, but I think it's far from anonymous, even when compared to Tor.
  
  --
  Dilbert RSS feed
2. Re:VPN? by x*yy*x · 2011-05-08 06:13 · Score: 1
  
  Well, you can use several VPN's between. That way the traffic that goes encrypted between you and first VPN won't leave unencrypted there. But yeah, you always have to trust the person or company that keeps it.
3. Re:VPN? by fysdt · 2011-05-08 06:13 · Score: 1
  
  By default the MS PPTP client supports VPN chaining. The last VPN hop would send unencrypted data (comparable to a Tor exit node) which is afaik unavoidable.
4. Re:VPN? by kwark · 2011-05-08 07:31 · Score: 1
  
  It is simpeler to run TOR on both ends and use VPN between the client and the hidden service (OpenVPN in TCP mode should work). That way the traffic should never leave the tor network.
I don't get Tor by Hazel+Bergeron · 2011-05-08 06:20 · Score: 2, Interesting

Can someone explain to me why someone who is monitoring sufficient backbones and running sufficient Tor nodes himself can't just watch a packet stream being bounced between Tor nodes?
Then there are people using Tor really dumbly such that you don't even need a three-letter acronym to work out who it is.
1. Re:I don't get Tor by betterunixthanunix · 2011-05-08 06:31 · Score: 3, Informative
  
  Can someone explain to me why someone who is monitoring sufficient backbones and running sufficient Tor nodes himself can't just watch a packet stream being bounced between Tor nodes?
  This is one of many known attacks on Tor, and is the reason why as many people as possible should be running Tor relays, entry nodes, and exit nodes. This is also why Tor circuits are periodically changed by the client. In general, though, it is possible for someone who can monitor a large enough fraction of the Tor network to break the anonymity of the system, even if they cannot control the nodes themselves.
  
  --
  Palm trees and 8
2. Re:I don't get Tor by Nimey · 2011-05-08 07:00 · Score: 2
  
  I'd thought about running a Tor entry/exit node, but I really don't want to get dinged for someone else looking at kiddie porn and using me as an exit point. The authorities won't know the difference, and might not even care.
  
  --
  Hail Eris, full of mischief...
  
  E pluribus sanguinem
3. Re:I don't get Tor by westlake · 2011-05-08 07:03 · Score: 1
  
  Can someone explain to me why someone who is monitoring sufficient backbones and running sufficient Tor nodes himself can't just watch a packet stream being bounced between Tor nodes?
  I've asked the same question about Freenet.
  The network depends on users volunteering to route and store high-risk traffic. The files may be in fragments and encrypted. But if your client application, node or supernode is exposed, the consequences may be - unpleasant.
  That is not a problem for the three-letter agency, foreign or domestic that can build depth by running tens of thosands of nodes and supernodes, if it chooses.
4. Re:I don't get Tor by Anonymous Coward · 2011-05-08 07:30 · Score: 1
  
  That might be the case, but I don't think he wants to risk being the first one. All it takes is an overzealous prosecutor.
5. Re:I don't get Tor by Hazel+Bergeron · 2011-05-08 07:42 · Score: 3, Informative
  
  I recall a raid in Germany. Depending on police behaviour and accessibility of records, in some countries that can be as harmful as a conviction (e.g. if you're working in a job with vulnerable people).
6. Re:I don't get Tor by betterunixthanunix · 2011-05-08 09:31 · Score: 2
  
  To date, not a single case has been bought against anyone running a tor exit node.
  ...and yet your life can be ruined just because you were arrested for "downloading child pornography."
  
  --
  Palm trees and 8
7. Re:I don't get Tor by Larryish · 2011-05-08 09:37 · Score: 1
  
  From your link:
  
  ... In this paper, we show that linkability allows us to trace 193% of additional streams...
  193 percent?
  Really?
8. Re:I don't get Tor by Nimey · 2011-05-08 10:27 · Score: 1
  
  You just went full retard. Never go full retard.
  
  --
  Hail Eris, full of mischief...
  
  E pluribus sanguinem
9. Re:I don't get Tor by Jane+Q.+Public · 2011-05-08 11:23 · Score: 1
  
  "The network depends on users volunteering to route and store high-risk traffic. The files may be in fragments and encrypted. But if your client application, node or supernode is exposed, the consequences may be - unpleasant."
  If you are in the U.S., these assumptions are quite incorrect, in at least a couple of ways.
  
  You are volunteering to take on anonymous traffic, not "high-risk" traffic. There is a very big difference. In effect, you are serving as a "common carrier", and you enjoy the same legal protections as any ISP. In other words, you are only carrying traffic, you are not looking at it in any way, or even accessing it, much less altering it, yourself. You are only a relay. You have nothing to do with the actual content, so you cannot be held liable for that content.
  
  Legally, even if illegal traffic passed through your node, law enforcement has no reason to even look at you twice. Their beef, if any, is only with the source and destination of that traffic. You are further protected by the very nature of Freenet itself: all traffic is encrypted, and it is highly unlikely you would be able to decipher any of that content, even if you wanted to.
  
  Also, the volume of your traffic has absolutely nothing to do with the legality of your actions. You have the same legal protections as Time Warner, or AOL, or Comcast.
10. Re:I don't get Tor by DamnStupidElf · 2011-05-08 11:28 · Score: 1
  
  I've always thought it would be nice if the russians or nigerians or chinese would just run Tor on their botnets. I know they probably don't really care for freedom of speech or privacy (in fact, they would like to reduce most people's privacy in terms of financial credentials...) but that is the level of distribution necessary to thwart network analysis. Store-and-forward of all anonymized traffic with random delays and random traffic bursts generated to mask legitimate traffic is essentially the only way to go. Even better if your local gateway just "happens" to be infected with such a botnet client, generating its own stream of random anonymized traffic for plausible deniability.
  
  Alas, it's probably up to some grey-hat hackers to care enough to put something like this together and implement it and keep it running.
11. Re:I don't get Tor by mywhitewolf · 2011-05-08 12:33 · Score: 1
  
  it may not get you convicted, but do you want the extra attention? I'd consider it if my country wasn't balls deep in thought crime persecution, last thing i want to do is gain unwarranted attention.
12. Re:I don't get Tor by ColdWetDog · 2011-05-08 15:48 · Score: 1
  
  You are volunteering to take on anonymous traffic, not "high-risk" traffic. There is a very big difference. In effect, you are serving as a "common carrier", and you enjoy the same legal protections as any ISP. In other words, you are only carrying traffic, you are not looking at it in any way, or even accessing it, much less altering it, yourself. You are only a relay. You have nothing to do with the actual content, so you cannot be held liable for that content.
  That statement is very much open to debate. I would further argue that westlake's legal budget is significantly lower than TIme Warner, AOL or Comcast's.
  
  --
  Faster! Faster! Faster would be better!
13. Re:I don't get Tor by lostfayth · 2011-05-08 17:30 · Score: 1
  
  This is a feature:
  https://www.torproject.org/docs/faq-abuse.html.en#Bans
14. Re:I don't get Tor by Jane+Q.+Public · 2011-05-08 18:13 · Score: 1
  
  WTF??? Your link leads (at least currently) to an article about Repetitive Stress Injury in Australia. I am really not sure at all what you were trying to link to, but I doubt that is it. Just so there is no misunderstanding, I stated quite clearly that I was referring to the U.S.
  
  But to the best of my knowledge, it is not open to debate. And I would argue further that I was talking about the law, not the distorted way the law has sometimes been enforced. Regardless of your budget, if the law is applied unequally to you vs. a person or corporation with more money, then there is something wrong with the enforcement of the law... not the law itself. "Equal protection under the law" is supposed to be the guiding principle of all law in this country. If it is not, in practice, then there is a problem with enforcement. Q.E.D. Don't blame the law.
15. Re:I don't get Tor by Jane+Q.+Public · 2011-05-08 18:16 · Score: 1
  
  By the way: EFF, EPIC, and other organizations all back up my point. Please look it up.
16. Re:I don't get Tor by EdgeCreeper · 2011-05-09 00:30 · Score: 1
  
  Consider that Tor exit nodes are toxic.
  
  Unfortunately, TOR exit nodes are toxic. I ran a fully open tor exit node for 24 hours and got 4 C&D's for my trouble. You need a full time lawyer, or a lot of time spent tuning which traffic you relay. :-/
17. Re:I don't get Tor by jc79 · 2011-05-09 04:18 · Score: 1
  
  You can still help by running a relay-only node. No exit traffic necessary.
A better alternative.. by spaceplanesfan · 2011-05-08 06:20 · Score: 1

Just stop trolling :-)
1. Re:A better alternative.. by spaceplanesfan · 2011-05-08 08:22 · Score: 1
  
  No, I was going for Funny moderation.
  I suggested to stop using Tor, cause you know, its probably was used for trolling.
  Its of course just a joke, no offence.
Coffee Shop by Anonymous Coward · 2011-05-08 07:05 · Score: 1

Live boot a Linux distro and surf your kiddie porn at a local coffee shop.
1. Re:Coffee Shop by mywhitewolf · 2011-05-08 12:38 · Score: 1
  
  then you got to worry about those other privacy concern... like people being able to view whats on your screen and see you fap. IIRC someone in Australia was caught doing more or less exactly this.
Re:they're not here by Runaway1956 · 2011-05-08 08:04 · Score: 1

virtual machine, dude. My virtual machine doesn't come to slashdot . . .

--
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
LiveCDs - TAILS v0.7.1, Liberté Linux by integral-fellow · 2011-05-08 08:05 · Score: 4, Informative

First, don't bet your life on this technology or OpenSSH or other tech.
Second, rather than run TOR on an everyday personal or work computer (Windows or Mac or Linux) with sensitive data and identifiable traits, I'd recommend booting a LiveCD: TAILS (v0.7.1 is the latest) and Liberté Linux:
http://tails.boum.org/
http://dee.su/liberte
or get Knoppix and harden it:
http://knoppix.com/
Change your MAC and connect at a coffee shop (if paranoid-- on the other side of town, and wear sunglasses in case of surveillance), not from home. Or connect to someone else's open WiFi, or get the key with Backtrack. Less secure is running a LiveCD in a VM (virtualbox or vmware). Another less secure option is running a hardened Linux, or at least running the Bastille script.
What am I missing? The main trouble with the LiveCD/DVDs is the NIC driver/module, but Knoppix is good for that.
integral-fellow
1. Re:LiveCDs - TAILS v0.7.1, Liberté Linux by Jane+Q.+Public · 2011-05-08 11:30 · Score: 1
  
  The solution to that is to use your Live CD to make a bootable USB drive. Then you can change/improve/upgrade your drivers.
  
  Then encrypt your bootable drive (it is possible to make bootable encrypted drives).
2. Re:LiveCDs - TAILS v0.7.1, Liberté Linux by Jane+Q.+Public · 2011-05-08 11:32 · Score: 1
  
  I should add that in the United States, you cannot be legally forced to give up your encryption passwords, unless law enforcement can already show that your encrypted data contains illegal content. In other words, because of the 5th amendment, the standard is a lot tougher than even probably cause.
3. Re:LiveCDs - TAILS v0.7.1, Liberté Linux by Jane+Q.+Public · 2011-05-08 11:34 · Score: 1
  
  "... probable cause." Damn typos.
4. Re:LiveCDs - TAILS v0.7.1, Liberté Linux by Jane+Q.+Public · 2011-05-08 17:14 · Score: 1
  
  This depends on the particular live CD you are trying to port to your drive. For a good example, try googling "Backtrack 4".
5. Re:LiveCDs - TAILS v0.7.1, Liberté Linux by Jane+Q.+Public · 2011-05-08 17:16 · Score: 1
  
  I will reply with the same thing I told the other person who asked: google "Backtrack 4" and go from there. There are instructions, but they may need to be modified depending on what version of Linux you are installing.
6. Re:LiveCDs - TAILS v0.7.1, Liberté Linux by Jane+Q.+Public · 2011-05-08 17:19 · Score: 1
  
  To whoever has been modding down questions about this:
  
  The United States Constitution guarantees us the right to be secure in our persons, property, and papers. These days, of course, "papers" includes digital files.
  
  Censorship on Slashdot is most unbecoming. I am being very polite. If I were not so polite, I would use other words.
7. Re:LiveCDs - TAILS v0.7.1, Liberté Linux by Jane+Q.+Public · 2011-05-08 17:22 · Score: 1
  
  I will also add: the methods of making your bootable drive encrypted is actually quite ordinary; there are many means of encrypting bootable drives. The trick is making a USB drive bootable in the first place. From there, you can use the well-known, commonplace methods of encrypting the drives.
8. Re:LiveCDs - TAILS v0.7.1, Liberté Linux by Jane+Q.+Public · 2011-05-09 16:19 · Score: 1
  
  I have to wonder who is anonymously modding these posts down... and their motivation for doing so. This seems like a perfectly reasonable discussion of how to make bootable diagnostic utilities for your computer.
Re:secure net by Runaway1956 · 2011-05-08 08:37 · Score: 1

Did you mean I2P??? http://www.i2p2.de/
It too can be compromised by MIM. Otherwise, yes, I think it is superior to TOR. Downside is, not enough people use it to make it worthwhile.

--
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
Re:Have you tried tunnelr? by Runaway1956 · 2011-05-08 08:39 · Score: 1

It's just another VPN proxy setup. THEY know who you are.

--
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
What is the actual purpose of using TOR? by Warma · 2011-05-08 09:12 · Score: 3, Insightful

I understand that what I'm going to ask is almost a logical fallacy in Slashdot, but I'm going to ask anyway.
Why exactly are you making things complicated for yourself and using Tor in the first place? A person as paranoid as you would use only properly secured banking connections and reputable services anyway, so the chance of any identity theft whatsoever is minuscule. I really can't think of any credible motivation for completely endorsing anonymity except the fear of being caught surfing something explicitly illegal. However, the amount of replies in this thread and their tone suggest, that you can't all be 3rd world revolutionists or Chinese students circumventing the Great Firewall.
Is this just a matter of principle, or do you actually have something to hide? If it's the principle, what are you hoping to accomplish and why? If you're into snuff or whatever, I really don't care, but at least one anonymous reply confirming this would be amusing.
This is not a troll. I'm genuinely interested. Technical answers about repercussions I may have not understood, are not only accepted, but appreciated.
1. Re:What is the actual purpose of using TOR? by Larryish · 2011-05-08 09:44 · Score: 2
  
  From what I gather (remember this info is all secondhand) some people in former first-world countries (USA anyone?) use TOR, Privoxy, livecds, etc. to research the sort of things that might throw up a flag.
2. Re:What is the actual purpose of using TOR? by Anonymous Coward · 2011-05-08 10:31 · Score: 1
  
  Before I could afford internet access at home, I used Tor to download porn from sites like youporn.com. That certainly isn't a legal activity, but using my university's internet system to access porn was grounds for being expelled. This even included kids in dorms.
  Yes, watching porn in public is a horrible idea and would certainly cause others discomfort. But there is nothing wrong with accessing or viewing it in private.
  TL;DR in my country, religious zealots and enforced morality codes forbid University students from accessing pornographic and other controversial materials even in their own dorm rooms. Can you guess which modernized first nation I live in?
3. Re:What is the actual purpose of using TOR? by Anonymous Coward · 2011-05-08 11:27 · Score: 1
  
  Besides the "Nothing to hide" argument being fallacious, why can't privacy just be privacy without someone's silly assumptions about your motivations getting in the way?
4. Re:What is the actual purpose of using TOR? by Jane+Q.+Public · 2011-05-08 11:38 · Score: 3, Insightful
  
  "I really can't think of any credible motivation for completely endorsing anonymity except the fear of being caught surfing something explicitly illegal. "
  History has clearly shown that the right to free and anonymous speech is essential to maintaining a free society. That fact alone is sufficient motivation to do it. If you don't practice and enforce your rights, you are likely to lose them. Your attitude is exactly why this is true.
5. Re:What is the actual purpose of using TOR? by Jane+Q.+Public · 2011-05-08 11:41 · Score: 1
  
  Pardon the multiple posts. That wasn't intended as an insult. What I meant was: the whole concept of "If you aren't doing anything wrong, you have nothing to fear" is the culprit. It is simply wrong. That idea has been disproven by history, many times over.
6. Re:What is the actual purpose of using TOR? by metrometro · 2011-05-08 12:22 · Score: 1
  
  > Is this just a matter of principle, or do you actually have something to hide?
  Yeah, this: http://en.wikipedia.org/wiki/2011_Chinese_protests
  In many parts of the world, basic civil freedoms are not possible without anonymous communications. Given events in North Africa, surveillance combined with brutal repression (see Bahrain, Syria, Yemen, Ivory Coast) is now an expected outcome of trying to organize political discourse in many places.
7. Re:What is the actual purpose of using TOR? by SonnyJim · 2011-05-08 12:40 · Score: 1
  
  For me, it is just a matter of principle. It has nothing to do with having anything to accomplish, illegal activities, or having anything to hide. I have the right, as an American citizen, to use the Internet without being tracked or spied on, period. And as I am new to the whole "anonymity online" prospect, I needed some good advice. What you're basically saying is "Why close your curtains? Do you have something to hide, or are you doing something illegal in there?"
8. Re:What is the actual purpose of using TOR? by mywhitewolf · 2011-05-08 12:43 · Score: 1
  
  I think he wanted to find out what the motives actually were, not weather you had a right to that privacy in the first place.
9. Re:What is the actual purpose of using TOR? by mywhitewolf · 2011-05-08 13:00 · Score: 1
  
  I use it to research anything questionable. I don't trust my ISP & espeically my government to not flag certain informative websites like erowid as "questionable behaviour", which may end up with me being further inconvenienced in the future, (roadside drug searches etc.). I'm not particularly concerned about being convicted based on my browsing habits, but i don't want to risk the extra attention with corruption being rampant in most police forces.
10. Re:What is the actual purpose of using TOR? by Altanar · 2011-05-08 13:07 · Score: 2
  
  Anonymous free speech is a by-product of public free speech and is useless if the society doesn't allow public free speech from a known individual. The uncited source is useless if the government doesn't allow the brave individual to include their reference in a public, non-anonymous article. Without someone, anyone standing up to vouch for a story, publicly, anonymous free speech is easily dismissed, easily forgotten, easily covered up.
  What good would the Deep Throat informant have done if Bob Woodward and Carl Bernstein didn't publicly vouch for his information?
  What are the Federalist Papers without people like Patrick Henry publicly stating "Give me Liberty or give me death?"
  Which affected Iran and the world more? Reading @persiankiwi's tweets or seeing Neda Agha-Soltan, dying on a street with the entire world watching?
11. Re:What is the actual purpose of using TOR? by giltwist · 2011-05-08 13:36 · Score: 1
  
  I use TOR to get around restrictive firewalls at coffee shops and such. For example, the local Panera uses OpenDNS, which seemed to think googlecode.com as a whole was infected with the Conficker worm. TOR let me access it no problem.
12. Re:What is the actual purpose of using TOR? by whimmel · 2011-05-08 14:19 · Score: 1
  
  I know of at least one group that teaches techniques like these to spouses in domestic violence situations. It helps the victims get information and resources (legal or otherwise) together before they make their move.
  
  --
  Does the name Pavlov ring a bell?
13. Re:What is the actual purpose of using TOR? by ColdWetDog · 2011-05-08 15:52 · Score: 1
  
  TL;DR in my country, religious zealots and enforced morality codes forbid University students from accessing pornographic and other controversial materials even in their own dorm rooms. Can you guess which modernized first nation I live in?
  Vatican City?
  
  --
  Faster! Faster! Faster would be better!
14. Re:What is the actual purpose of using TOR? by Jane+Q.+Public · 2011-05-08 17:58 · Score: 2
  
  "Anonymous free speech is a by-product of public free speech and is useless if the society doesn't allow public free speech from a known individual."
  I am quite sure that the authors of the "Federalist Papers" and "Antifederalist Papers" would very strongly disagree with you, Patrick Henry notwithstanding. Thomas Paine is probably a better example, and he was not exactly a friend of the existing government. But here is the most telling point: the very people who were writing the Federalist Papers were our Founding Fathers... they just did not dare do it publicly under their own names. To do so would have called unwanted and perhaps disastrous attention to themselves and their families, at a vulnerable time. THAT is the value of anonymous speech. The government doesn't have shit to do with it.
  
  "The uncited source is useless if the government doesn't allow the brave individual to include their reference in a public, non-anonymous article."
  You make my point for me! Without government sanction, only anonymous speech can truly be free.
  
  "What good would the Deep Throat informant have done if Bob Woodward and Carl Bernstein didn't publicly vouch for his information? "
  It might have actually been believed SOONER if it had come out in Rolling Stone rather than the Washington Post. Seriously, you are making my point for me. You are trying to say that only government-sanctioned sources are reliable, which is precisely the point behind what I originally stated. Woodward and Bernstein had no authority to "publicly vouch" for the information. All they could vouch for was a supposedly "reliable source". Once again, proof of what I say. Deep Throat was an anonymous source. But that source could have used many outlets. Remember, he chose Woodward & Bernstein, not the other way around.
  
  "Which affected Iran and the world more? Reading @persiankiwi's tweets or seeing Neda Agha-Soltan, dying on a street with the entire world watching?"
  That is a straw-man argument. It has nothing to do with the issue at hand, which is: is anonymous speech necessary? Regardless of which is more dramatic, anonymous speech has probably had a much larger impact on history.
15. Re:What is the actual purpose of using TOR? by Warma · 2011-05-08 18:52 · Score: 1
  
  No problem, I wasn't insulted in any way. I stated the comment as a logical fallacy precisely because I knew, that this was going to be said, and that I also consider it the "correct" answer.
  What my actual point tried to be, and what some people here already responded to, was that most of the people here using tor don't really have anything to hide and don't seem to have any use for Tor, yet they worry about these things and make their life more complicated for no apparent reason. I see that as paranoia getting in the way of your daily activities or even gnawing at your quality of life. For example, what would these people do if they didn't have tor at some specific machine? Would they just stop using the internet?
  A secondary purpose was to get a random sample of reasons people actually have for using Tor. I'll post it here for your enjoyement too:
  Illegal activities - 1
  Malware countermeasures - 1
  Network restriction circumvention (ie. porn) - 4
  Paranoia - 4
  Principle - 5
  I counted the "ohnoes my ISP will flag me and my roommates totally sniff my packets all the time" as paranoia. I didn't count non-firsthand usage statements as anything and didn't flag any answers as trolls. The ratio of people who needed Tor versus those who just use it seems to be 5:9 in this sample. Interesting stuff.
16. Re:What is the actual purpose of using TOR? by gl4ss · 2011-05-08 20:34 · Score: 1
  
  well, one thing is for searching stuff that might be illegal to even look information about in your country. because if someone gets to know that, they can try to blackmail you, you have to bribe them or officials or just end up in a chinese jail. and it's useful if you're in a sect and looking for a way out.
  another reason is that it makes it harder to track who you are, say if you're looking to download something from a site you know to have an admin who looks at the logs about who's ip it is. this is partially why I keep my images I want to keep public on flickr, were it my own server where I could log the http accesses I could be tempted to guess who's looking periodically at them. but since I'd just get hits and some referrer information from flickrs logs, there's less risk of that for people who view them.
  also - and this is important - many university housings etc provide you with an ip address that's trackable to right where you are, so it helps a bit if you have a stalker problem or such. or it might generate you a stalker problem.
  but most are just people who are scared of the warez police, scared of the drug police or scared of the porno police. you know, people who wouldn't visit a doctor to get pills, who wouldn't go to booze store to buy booze, who wouldn't have gone to gas station to buy porno. and usually scared of someone stealing their ideas - ideas other people have too already because they're so simple but they don't understand because they don't speak to other people.
  
  --
  world was created 5 seconds before this post as it is.
17. Re:What is the actual purpose of using TOR? by Jane+Q.+Public · 2011-05-08 20:43 · Score: 1
  
  I see. The results are interesting. I would count myself among the "principle" group. I have used Tor, but have also found it to be slow, which rather weakened my resolve to use it for principle alone. However, I still support it because something that may be inconvenient today may turn out to be the only possible avenue tomorrow. One never knows. You can call that paranoia if you like, but I prefer the term "preparedness".
  
  And the assertions by some that "half" of the Tor exit nodes are monitored is ridiculous. There are far too many. I could set up one tomorrow, take it offline the next day, turn it on again 3 days later, etc. While such sporadic availability is discouraged, still it is possible.
18. Re:What is the actual purpose of using TOR? by Jane+Q.+Public · 2011-05-08 20:57 · Score: 1
  
  "Anonymous speech will do nothing to ensure a free society - you need to be prepared to stand up and be counted and not hide behind a fuzzy layer of anonymity... I agree with the OP... Why would you want to be anonymous?"
  That's GP, not OP, but regardless:
  
  I refuse to go over the last 300-400 years of history to illustrate why this is important. There are so many reasons... but rather than just blow you off (which am half-tempted to do), I will instead point you at the following article: https://www.eff.org/issues/anonymity
  
  If you aren't satisfied with that, just google "anonymity 'supreme court'" and read what you find.
19. Re:What is the actual purpose of using TOR? by Jane+Q.+Public · 2011-05-08 21:08 · Score: 1
  
  And by the way: if you don't think our founding fathers (who used anonymity to their benefit) were willing to stand up when it counted, then you don't know your history.
  
  When, at the signing of the Declaration of Independence, John Hancock said that the revolutionaries must be unanimous and that "We must all hang together on this," Benjamin Franklin replied "We must indeed all hang together, or most assuredly, we shall all hang separately."
  
  I think it is pretty clear that he was right on that point. And yet: they wrote anonymously when they felt it necessary to protect themselves and their families from retaliation by the existing government.
  
  That is the difference between bravery and stupidity.
20. Re:What is the actual purpose of using TOR? by bradley13 · 2011-05-08 21:20 · Score: 1
  Various thoughts here:
  You may be looking for non-illegal content, but worried that you may come across something illegal in the course of the search.
  It may be that you simply want to ensure that your private activities cannot be easily combined with your public activities.
  Some people view proxy services as an additional defense against malware sites
  There are people with a real need for anonymity, because they are engaging in political speech frowned upon in their country, This is not just China. Example: in most of Europe, it is illegal to express any doubt at all as to the historical truth of the Holocaust. I don't mean denial, but even questioning the number of victims, or how they were selected can get you sent to jail. Before the Americans start touting their "freedom of speech", how about the guy who was arrested for having printed a text-file describing an underage sexual encounter, or the chemistry teacher arrested for discussing (purely theoretically) the processes used to produce meth?
  Finally, many of us use anonymouse services to provide a larger group of anonymouse data - thus allowing people with a real need for anonymity to better hide their activities.
  Those are just quick ideas - I am sure that other posters will have other ideas as well...
  --
  Enjoy life! This is not a dress rehearsal.
21. Re:What is the actual purpose of using TOR? by WegianWarrior · 2011-05-08 21:34 · Score: 1
  
  While I can't speak for the other users of Tor, I have found it extremely useful and even vital for computer security in the location I am now: Sudan.
  Let me explain: I'm working for the UN, and have brought my own laptop. I'm buying "wireless broadband" from a local ISP, who is anything but broad... but thats a different matter. Since I like keeping my computer safe, I need to download the latest patches for Flash and Java and so on and so forth... which is where the problem arises. You see... the US is currently boycotting Sudan, which means that if I go to Adobe's website with a Sudanese IP I can't download the patch I need...
  Using Tor I can bypass this problem, for the small price of an even slower connection. I can also access other sites that block traffic from Sudan (which is a few) or which the Sudanese Government sensors (which is more than a few). Naturally I surf without Tor when I don't have to use it - my connection is slow enough as it is...
  So at least for me - and many other in my situation - Tor is used to actually access things we couldn't otherwise reach.
  
  --
  Everything in the world is controlled by a small, evil group to which, unfortunately, no one you know belongs.
22. Re:What is the actual purpose of using TOR? by tehcyder · 2011-05-08 23:13 · Score: 1
  
  Example: in most of Europe, it is illegal to express any doubt at all as to the historical truth of the Holocaust. I don't mean denial, but even questioning the number of victims, or how they were selected can get you sent to jail.
  Sorry, but that is total and utter fucking bullshit.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
XeroBank Browser? by antdude · 2011-05-08 09:29 · Score: 1

How about https://xerobank.com/download/index.html ? However, its Firefox is outdated. Supposedly, they are making a new one?

--
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
You're doing it wrong. by atari2600a · 2011-05-08 09:42 · Score: 1

Tor isn't 'a proxy', it's a router. Privoxy / Polipo is the proxy. Either way you offer too little parameters for 'secure'. Do you mean like cache retention or some magical network breach or what?
Simple by Patrick+May · 2011-05-08 09:43 · Score: 1

Is there anything more secure than Tor, as far as anonymous browsing goes?
Yeah, don't fucking use Windows.
1. Re:Simple by SonnyJim · 2011-05-08 12:45 · Score: 1
  
  If that were an option, I wouldn't have asked the question.
i2p by bjs555 · 2011-05-08 10:19 · Score: 2

I was trying out iMule and saw that it uses a network layer called i2p that supports any application that can run using a proxy. You might want to give it a try.
i2p is available at http://www.i2p2.de/
Here's a description of i2p from the introduction:
-----
"I2P is a scalable, self organizing, resilient packet switched anonymous network layer, upon which any number of different anonymity or security conscious applications can operate. Each of these applications may make their own anonymity, latency, and throughput tradeoffs without worrying about the proper implementation of a free route mixnet, allowing them to blend their activity with the larger anonymity set of users already running on top of I2P.
Applications available already provide the full range of typical Internet activities - anonymous web browsing, web hosting, chat, file sharing, e-mail, blogging and content syndication, newsgroups, as well as several other applications under development.
Web browsing: using any existing browser that supports using a proxy.
Chat: IRC, Jabber, I2P-Messenger.
File sharing: I2PSnark, Robert, I2Phex, PyBit, I2P-bt and others.
E-mail: susimail and I2P-Bote.
Newsgroups: using any newsgroup reader that supports using a proxy."
My Cocktail Mix for Delusional Conspiracism by znigelz · 2011-05-08 11:53 · Score: 1

Firefox in privacy mode with NoScript, HTTPS Everywhere, Better Privacy, Tor Button extension for Tor and Privoxy, an ip filter (linux: ipblock, windows: peerblock), FlagFox extension to always have a visual cue where the server is located, and a system firewall rejecting everything but the specific ports that you use (22, 80, 443, other program specific ports, etc). If I really was worried about privacy, I would also connect across free online VPN (from your own first world country preferably). It may be possible to daisy chain a few vpns (and also a few proxy servers for that matter), but I'm not really that interested in security. Plus an intrusion detection and prevention system like Snort using a log viewer.
Better than Tor... by mr_lizard13 · 2011-05-08 11:54 · Score: 1

I wear a balaclava and plastic gloves when browsing.

--
"We live in a global world" - Harvey Pitt, former Securities and Exchange Commission Chairman
Don't use Torbutton on your everyday Firefox by Anonymous Coward · 2011-05-08 12:08 · Score: 2, Interesting

Torbutton as an addon is a step backwards from Tor Browser Bundle. It was discontinued for a reason. You're not smarter about Torbutton than the developer of Torbutton, and here's what he says:

I realized at that same instant that in hindsight, this decision [to use one browser instance/profile for Tor and vanilla browsing] was monumentally stupid, and that I had been working harder, not smarter. However, I thought then that since we had the toggle model built, we might as well keep it: it allowed people to use their standard issue Firefoxes easily and painlessly with Tor.
I now no longer believe even this much. I think we should completely do away with the toggle model, as well as the entire idea of Torbutton as a separate piece of user-facing software, and rely solely on the Tor Browser Bundles, except perhaps with the addition of standalone Tor+Vidalia binaries for use by experts and relay operators.
The Tor Browser Bundles will include Torbutton, but we will no longer recommend that people use Torbutton without Tor Browser. Torbutton will be removed from addons.mozilla.org, and the Torbutton download page will clearly state that it is for experts only. If serious unfixed security issues begin to accumulate against the toggle model, we will stop providing Torbutton xpis at all.
Makes sense to me.
Re:http://www.happyshopping100.com by ColdWetDog · 2011-05-08 16:47 · Score: 1

$10 Bikini (Ed hardy,polo)

I know you're not very bright, even for a bot - but I think you're barking up the wrong tree. You might want to go back to the Viagra stuff. Or maybe Rhogaine.

--
Faster! Faster! Faster would be better!
Firefox plugin: Cocoon by coherence · 2011-05-08 16:49 · Score: 1

Disclosure: I know the guys behind it. Try Cocoon (getcocoon.com). It's a Firefox plugin that is exactly what you're looking for - an alternative to Tor. Win, Mac, Linux (ahem most of the time anyway). It does more than protect you browsing; for example, I registered for this /. account using Cocoon. The evil overlords at Geeknet don't have my real email address/identity.
OperaTor by andcal · 2011-05-08 17:15 · Score: 1

I can't believe no one has said anything about OperaTor yet. Mostly because it's the only one I was aware of before this article
Is it because OperaTor doesn't appear to be in development anymore (as in dead).

--
--something witty
Re:XeroBank Safehouse: Virtualized Browser + Apps by boing3r · 2011-05-08 18:32 · Score: 1

I just went to xerobank.com, and then went to your 'anonymity checker': https://xerobank.com/tools/anonymity-checker/ which told me this scary stuff:

Network Legal Risk: High (fix)
Warning: ISP Spying Risk (fix)
Critical Threat: Data Interception Detected (fix)

Funny thing is, it told me exactly the same thing whether I was coming through my secure proxy or straight through my ISP. Fess up - it's just canned, and always shows the same 'warning's, right?
Browser ID and the short attention web by RobertB-DC · 2011-05-13 08:00 · Score: 1

Your point is well-constructed... but it also shows that you have a bias towards content over presentation.
The fact that it's all one long paragraph, is missing occasional letters, and may have small grammatical errors is absolutely irrelevant to the point that you are making. You used concrete examples and came to a logical conclusion.
But the rest of the world is biased toward presentation over content. It's sad, sure... but it's been that way since the Eternal September, and it's not going to change. In fact, the short-attention-span web is hurtling forward 140 characters at a time, thanks to look-a-birdy sites like Twitter and Facebook.
And in that web, you have to know what browser your visitor is using, so that you can give them the brain candy they want before they lose interest and look, a birdy.

--
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.