[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Hardened Tor Browser for Windows



On 10/19/2016 05:06 AM, Jon Tullett wrote:
> On 18 October 2016 at 03:18, Mirimir <mirimir@xxxxxxxxxx> wrote:
>> On 10/17/2016 06:50 PM, I wrote:
>>>
>>>>
>>>> Running Tor on Windows makes little sense,
>>>
>>> Didn't Roger ask for more operating system diversity and mention Windows?
>>
>> Maybe he did. Cite?
>>
>> But nevertheless, in my opinion, Windows is too snoopy.
> 
> For the record, I'm not personally opposed to the telemetry in
> Windows, in context. But I am curious whether the data gathered by
> Microsoft could deanonymize a Tor user by, eg, pinpointing Tor usage
> within a specific time frame, given a number of assumptions about an
> observer's ability to correlate multiple visits to a surveilled site
> and so on. I imagine Microsoft would not willingly divulge such info
> ("tell us everything about everyone using Tor at these moments" isn't
> much of a warrant) but the possibility is what interests me.

Yes, Microsoft would probably not divulge such user data freely, and
perhaps not even under subpoena. But consider Microsoft's risk model in
gathering the data. Conspiracy theories aside, they arguably gather it
for debugging and marketing. So even if it's encrypted, it may not be
secure against resourceful adversaries.

So anyway, if I wanted to use Tor on Windows machines where I couldn't
install stuff or boot Tails, such as at school or work, or in public
libraries, Tor browser would be my only option. I do get that. And for
sure, I would want a hardened browser.

But still, I would feel betrayed if Windows leaks pwned me, and Tor
Project hadn't warned me about that. And further, if I actually could
have installed VirtualBox and Whonix, I would feel betrayed that Tor
Project hadn't recommended that approach.

> My guess is that the answer is probably no, at least not practically,
> but I wouldn't want to stake my life on it.

Right. And it's not just that Windows leaks data. It's just such a
security nightmare. Consider the FBI's NITs. Even if they have a Linux
dropper and payload, it would fail totally in Whonix, unless it could
break out to the host machine.

> -J
> 
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk