[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] getting Tor to be default browser

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] getting Tor to be default browser
From: Dave Warren <davew@xxxxxxxxxxxx>
Date: Mon, 05 Sep 2016 20:45:12 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 05 Sep 2016 23:45:34 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple; d=hireahit.com; s=MD-20140321; t=1473133514; x=1473738314; i=davew@xxxxxxxxxxxx; q=dns/txt; h=Message-Id:From:To:MIME-Version: Content-Transfer-Encoding:Content-Type:Subject:Date:In-Reply-To: References; bh=+7OiyRoIGmfGl8WV03S0PN9R8HzHh8NKg1iyymZiLqw=; b=x d89voZZW6G4JTNoFlOiKY1zZBloICZsttIHharCBC8d4AuBK1+r6m7bgZF4qL/FN Zvg6T13Bs+B9G5I1uvWX0mRwUQVNgKL/rG/ltHcXC6nfqs1g3xv3YgGQzpCGpYZd t/kNvK+m3a1JfcpqF2BdDU/X1E5IsdIhoKi2+waorE=
In-reply-to: <20160905065118.GC7583@jens-ThinkPad-Edge-E145>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <08FBEC0A677E4DC3B6C52B2CB6F780DF@JohnHome> <20160904203806.GA7583@jens-ThinkPad-Edge-E145> <1473025823.801064.715548353.740B3F09@webmail.messagingengine.com> <20160905065118.GC7583@jens-ThinkPad-Edge-E145>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
Vbr-info: md=hireahit.com; mc=all; mv=vbr.hireahit.com;

On Sun, Sep 4, 2016, at 23:51, No Spam wrote:
> On 16-09-04 14:50:23, Dave Warren wrote:
> > <...>
> If this is the Setting, I THINK Whonix has their VM build with TBB as
> Standard Browser

Probably, but in my (limited) experience, it's either painfully slow or
a memory hog, or both. The overhead for a Windows 10 VM is surprisingly
small, and it's snappy and responsive.

Attacks to identify me and/or correlate my physical location or "real"
identity vs my tor identity aren't a threat model that worry me in my
circumstances, so this configuration is Good Enough for my purposes.

> > I also feel that adding legitimate traffic to Tor is a net positive to
> > the network (since capacity is not currently an issue), if only to
> > prevent the perception that all of Tor is evil bad people doing evil bad
> > things.
> Yes but the biggest Problem are Malicious Gateways that may try to
> steal Credentials or put Malware in you Downloads

This is why god invented HTTPS and HTTPS Everywhere. I wish TBB didn't
block 1Password (although I understand why it does), as this would
reduce my exposure to various types of attacks. Also, I trust random Tor
nodes more than random wifi hotspots in tourist/traveler locations
(airports in particular, where you have gov't actors, the airport itself
and other users).

> IMHO the best way to legitimate the Tor network would be to provide and
> use HS ( which are much less prone to the previous mentioned Problem
> AFAIK ).

Having trivial access to hidden services is great too. Facebook is a
prime example, I have no practical need as I'm using my real identity,
not hiding anything, Facebook forces HTTPS (and I believe, pins their
certificates in HSTS lists?), and I discuss my approximate physical
location with people on Facebook. But it's likely harder to attack the
hidden service than the public HTTPS site, plus staying within the tor
network has benefits.

But, I want the output from Tor exit nodes to show more legitimate
traffic, so even for non-HS traffic, I feel that adding legitimate
traffic is a net good idea until/unless the tor network becomes
over-saturated or my traffic otherwise impedes a user with actual safety
or security needs. I would always yield to those users, as I am lucky
and privileged enough to not be one.I understand why the Cloudflares of
the world see a lot of abuse coming from tor, but I want to them to see
a lot of legitimate user traffic as well.

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] getting Tor to be default browser
  - From: Random User

References:
- [tor-talk] getting Tor to be default browser
  - From: John Boncek
- Re: [tor-talk] getting Tor to be default browser
  - From: No Spam
- Re: [tor-talk] getting Tor to be default browser
  - From: Dave Warren
- Re: [tor-talk] getting Tor to be default browser
  - From: No Spam

Prev by Author: Re: [tor-talk] Help
Next by Author: Re: [tor-talk] Any news on Disconnect.me w/ Google ?
Previous by thread: Re: [tor-talk] getting Tor to be default browser
Next by thread: Re: [tor-talk] getting Tor to be default browser
Index(es):
- Author
- Thread