[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] catastrophe: ip-api.com sees me

I am putting Tor on the back seat after months and months of arduously trying to improve Linux distros (several) for this purpose, and looking at the various sec options on offer including Tor, in part for precisely the reasons being described, albeit observed in the Tor Browser Bundle and in secure distro conditions provided by TAILS. 

Tor Browser is indeed the recommended vehicle for Tor web, for all the reasons cited. I have found its EFF fingerprint woefully degenerated from that seen a couple of years ago, for no reason of which I am aware. Tor Browser does not lack a fingerprint: it is uniform, the intention, like TAILS, being that users become indistiguishable from each other. The EFF profiling page used to produce radically improved results between TBB running under Windows and the likes of TAILS, but I have been surprised at recent results. I have seen this observed only once in forum posts when I searched not so long ago. 

Feedback evidenc3, more worryingly still, suggests that Tor is doing worse than the notorious DNS leak risk or cross-site fingerprint correlation, et al, including where observed with TAILS. My view, like it or not, and I suspect rarely observed, is that clearnet search engine behaviour using 'privacy oriented' clearnet engines, and clearnet web randomizers, exhibit a behaviour best likened to data analytics associated with commercial tracking, keyword behavioural advertising, etc., in turn suggesting routine capture of torified DNS resolution: since TAILS is regarded a secure Torified solution, it can be considered to be least likely to leak DNS by other means, etc., and provides a good litmus test for this fail. I encourage anyone to explore the problem. 

Meanwhile, I have had to take a break from the Tor issue. I feel the TBB, which contains everything needed to run Tor and includes all available pluggable transport support in a constantly updated and readily available form, would offer the best way to run Tor under Linux if linked to the Tor service or daemon (ie. assuming Tor's init.d script and tor defaults can be pointed at the data in TBB instead), allowing for iptables isolation problematic or impossible with TBB itself, also a chroot-ideal isolated package - rather than having to deal with the Debian package for vanilla Tor or its single (practically depracated) Obfs3 transport package, or scrape together further transports, etc., and install the Tor Launcher package and then download Tor via its dedicated facility, making the browser impossible to implement for live systems (ie. uninstalled). Again, I wonder why Tor has been implemented in the way that it has and why no one else has suggested this solution. 
And that's just Tor. Then there is the work in cleaning up an OS to use (Linux is now full of pockmarks and troubles, here, imo, and lacks a serious solution - I actually hate using TAILS for its design and rigidity), and the various other potential components of a secure system, assuming one is even possible, allowing access to various sectors of the web (Clearnet, Tor or I2P, which I lack any serious documentation for, Freenet, etc). Documentation and disinformation has not helped, neither does having to leave trails of forum memberships, emails signups, etc., somewhat counter to the intentions of anonymity and privacy, surely. I am somewhat doubtful that Tor alone really represents the threat the NSA is said to attribute to it, personally. I have seen Tor claimed to have been 'broken' by the NSA, with typical vagueness - though what I see resembles basic data analysis visible in online feedback. I have had to work too long, observe and deal with too many failings, where time is indeed money, and need a break, still more given an apparently insurmountable glitch I do not see observed elsewhere. 

​Sent from ProtonMail, Swiss-based encrypted email.


-------- Original Message --------
 On February 8, 2018 8:54 PM, Seth David Schoen <schoen@xxxxxxx> wrote:

>Dash Four writes:
>>Which part of "provided you know what you are doing" don't you understand?
> You still can't mitigate the browser distinctiveness issue through
> expertise or caution, so you can't get the same level of cross-site or
> cross-session unlinkability that Tor Browser users can get.  But
> indeed, not everyone needs cross-site or cross-session unlinkability
> for their uses of Tor.
>Seth Schoen schoen@xxxxxxx
>Senior Staff Technologist https://www.eff.org/
> Electronic Frontier Foundation https://www.eff.org/join
> 815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
>tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to