[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] When to use and not to use tor.

On Wed, Jun 15, 2011 at 6:33 AM, Joe Btfsplk <joebtfsplk@xxxxxxx> wrote:
> On 6/12/2011 1:22 AM, Seth David Schoen wrote:
>> Your communication with an online banking site usually _would_ be
>> encrypted with HTTPS, which would encrypt your login password.  For
>> instance, if you were banking with Bank of America, you would normally
>> start your login process at
>> https://www.bankofamerica.com/
> You are correct Seth.  I misspoke when I said login info on an encrypted
> site would not be encrypted - it would be.
> I'm not sure of the answers to questions I'm posing - but they are good
> questions.
> If Fernan's goal is anonymous online banking, I guess he'll need to use some
> proxy.  What does anonymous banking mean - not wanting your ISP to know
> which bank sites you use (even if they can't see encrypted data)?  Once
> logged in, the bank pretty much knows it's you.


Please note my original intent with I started this thread was to
create a base set of rules for my users to follow to maximimize tor
anonymity and not become a tool against anonymity.

So when I started googling I found suggestions from various mailing
lists and forums, however I could not find anything specifically
suggested by the tor developers or privacy advocate groups like eff.
Another vector I was looking at is to send out a set of suggestion to
the tor button in setting up warnings to prevent users from using tor
incorrectly like.
1. if somebody runs bittorrent traffic send a warning
2. if somebody sends an unencrypted web form through tor send a warning
3. set the always warn unencrypted webpage when tor is enabled.

that said, I did found this
https://www.torproject.org/download/download.html.en#warning. It forms
a general guideline in using tor. It's not as specific as the ones
from other forums, but it seems to be inline with that.

tor-talk mailing list