[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] How to use Tor without a website knowing I am using Tor - possible?
- To: tor-talk@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [tor-talk] How to use Tor without a website knowing I am using Tor - possible?
- From: Mirimir <mirimir@xxxxxxxxxx>
- Date: Sun, 19 May 2019 19:26:55 -0700
- Autocrypt: addr=mirimir@xxxxxxxxxx; prefer-encrypt=mutual; keydata= xsBNBFEN49cBCADWl1VZKYO8L+f/65G2nBWzh41VTAZDcJSxMWXrBSvpJzzLt6sJf0L0Rjmy W4VPxJMCm/32auRAp8Xx1iNmBpvYENSM1YJVWfk43tlSOY8CR3TVODMxWPhUu48Pb9OKSntz WHGwdZmOr14zF9vr4PaS9A6+Hyt9FPKuGcQFw7K8jK1Hpp5XgdY/DMHKeaJykJ8JH1HBTFTT OJdxIWu6cZ+spNaNfKdnNjk98hMPw69isVGzcm7b3lJUsjVnMSqnrtZ8CSIv1njyxJH7NB5n LzrE7EiXR37k+4Poc9/DeLSAKrq5N3ZMpX1EDOoXFa8lLVGWHBTwVN/tl7FLM0NmVuL5ABEB AAHNHG1pcmltaXIgPG1pcmltaXJAcmlzZXVwLm5ldD7CwIEEEwECACsCGyMGCwkIBwMCBhUI AgkKCwQWAgMBAh4BAheAAhkBBQJafNQ7BQkNMVdkAAoJEGINZVEXwuQ+5LoIAKyZQDkNqj+Y E26o1bdEQlmOLhhXev45euNCnaFrnbOyKLivHdF4vvXyWBTzJmCsoRxTJ0A3Zmwa3ZihbKaU FCAdRgspLfA+TGICVYOztB+faWV18k5OTCk7ZiBQ/mOMQA4p3RPOV+UCgdelvZRHrFdUgHro dho/FqZhRoPdsPPB08QBisDO7SfFMMe9U9EZ03n4f2TvMgaTjK/kZCopwgLj2nB11SnCYfWJ jxUFDs+VFObf/jSK8T0SX9O6p430NWZm30vutUVac9lfodMjBcJqTnFxmZrwQomlCYGvSqNw 4Xy5+/gBzv/flXHngQSU053smHRtrMlGK5OU1RSixDfOwE0EUQ3j1wEIAMDcexhcaIO5jpl+ SHM14zuBvF2QG61IpH4Lag6nQmSMTljizuJg2kLaLbfc69AxmjuL5obqYi5ywXn4kQKqiwfa OHvVlKn662/J5YgXuc8tRLyqvgb+hibtAnlhWAuusP0eoQQP6SAASRjtrb8RVapTzJXy2Snf PtkcdtkTLLLcyeGoDOkpPkspnnp8avvI9ayzhGFLg9qNWaIuBMudxT6oHK4rZH+Sv6km9viI /ziV6E8Z+PpvMsGdebeYBLQA7ueuTbyOGbDyProwvocrKynI/UM40VYS8bS1PjWtljUlj7Vx 8C/746hnfdge0m24jnaWfu5UDjwpsHzs/JXqklsAEQEAAcLAZQQYAQIADwIbDAUCWnzURgUJ DTFXbwAKCRBiDWVRF8LkPsCjCACNvnnmpcDwEbtXUFZD/+ewNlPfM9o0mIXgi7DIVR9MVCw/ u14+mJUlQny4jPRV+hv/erjbiqEcVPZ296J3I4kUvO4slI+ZyODsRQSzwMz6ihwC6nN1xove YSBzVKKQrV+FDHVk6dJVLtgPdewOR9ZAar7mEbCLTJZ/e5aVb+NrlC1jWx3V3mMGCKOsEHhu 97cu3AswlxhzqPjczTo3rjtcfxdjeGU6mIEEAlhUlVDdfbGLODIyCXrP39zYxYXFFpVcbGAu +cndl1AQkIXUiMoJuzTMU8TQ+zz8yLof9fB7Y8O8VbmZBPQqN2IiHPeGbfqZjk/uHjJQUayI +beL0kxL
- Delivered-to: archiver@xxxxxxxx
- Delivery-date: Mon, 20 May 2019 04:01:25 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1558319218; bh=obde0bnzvApW/OCPaMfYi81OJ63h3t0OMio1pOcEU88=; h=Subject:To:References:From:Date:In-Reply-To:From; b=S8aQJDlQIBEeMzvxTucFe8CWEnX7OR6X1bi03xJI2MS5b7DHWXaaq4o0hdQ/EwBem b2uGyACUIh284h5JNgcS6UMwX4e5ofWnIoaqFGmSrqR8WjNVrycUCx544XaSxWGgvT 7fpwsy9AYt4Ie8o+pvQq4r+RIooIaaRENCFy99VA=
- In-reply-to: <39bb384d8d544c702f0ee5a46d7e35a4.squirrel@danielas3rtn54uwmofdo3x2bsdifr47huasnmbgqzfrec5ubupvtpid.onion>
- List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
- List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
- List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
- List-post: <mailto:tor-talk@lists.torproject.org>
- List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
- List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
- Openpgp: preference=signencrypt
- References: <39bb384d8d544c702f0ee5a46d7e35a4.squirrel@danielas3rtn54uwmofdo3x2bsdifr47huasnmbgqzfrec5ubupvtpid.onion>
- Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
- Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
On 05/19/2019 01:51 PM, jiggytwiggy@xxxxxxxxxxxxx wrote:
> What's the best way to connect to a site via Tor if the site engages in
> exit censorship?
There is no entirely good way.
There's the Cloudflare Onion Service.[0,1,2] Basically, Cloudflare
redirects Tor users to its onion service, which then connects to the
website. So there's no exit involved, and no CAPTCHAs. However, that
only works for sites that use Cloudflare. And both you and the site must
trust them.
> Bridges - or is there a better option.
Not bridges. That's on the guard side. Maybe "exit bridges". But those
would be blacklisted just as fast as exits are.
> In short, I want to have all the benefits of Tor without the destination
> site knowing I am using Tor. Is this even possible?
If you're desperate, you can try an HTTPS proxy, or route a VPN via Tor.
But HTTPS proxies are typically scummy, and may inject ads, or even drop
malware. Some VPN services are probably honest, but most of them are
also scummy.
Your best bet is running your own HTTPS proxy or VPN, on a VPS. But it
must be a VPS leased anonymously through Tor, using Bitcoin that's been
mixed at least twice through Tor. Some VPS providers accept other
cryptocurrencies that may be intrinsically more anonymous than Bitcoin.
But even so, that funnels your Tor traffic through that VPS. So you're
no longer just some anonymous Tor user. You're linked to that VPS. So if
it gets linked to you, then everything you've done through it gets
linked to you. Also, if you use a VPN, that pins the Tor circuit that
it's using. And that increases the risk of traffic analysis.
Bottom line. Using HTTPS proxies or VPNs through Tor is dangerous. So if
you do it at all, you should only do it only when absolutely necessary.
Using your own HTTPS proxy is probably the least dangerous option,
because that doesn't pin Tor circuits.
0)
https://www.securityweek.com/cloudflare-launches-security-service-tor-users
1)
https://www.bleepingcomputer.com/news/security/cloudflare-ends-captchas-for-tor-users-while-blocking-bad-actors/
2)
https://support.cloudflare.com/hc/en-us/articles/203306930-Does-CloudFlare-block-Tor-
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk