TOR ... to use, or not to use?
Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: TOR ... to use, or not to use?

Hybrid View

  1. #1
    Member
    Join Date
    Dec 2011
    Posts
    35

    TOR ... to use, or not to use?

    Hi all, I'm new here, so please excuse my noobness.

    I'm one of those guys wanting to better secure my browser/information, and I know Proxy jumping is one way of achieving that (IE. TOR project).
    Only problems are:
    1) Many websites block well known proxy servers.
    2) The last jump from proxy to server is not encrypted, and prone to man-in-the-middle attacks.

    I really don't mind the 2nd issue, as long as I'm not logging into any websites and want my information (password) leaked.
    However, if I want to log-in (especially HTTPS / SSL), I think I would stay away from those.

    I'm currently using google's secure DNS proxy server to do my browsing.

    So... the question is:
    Would you guys use TOR to do your secure (HTTPS / SSL) web browsing?

    If not... how/what would you do/use?

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Would you guys use TOR to do your secure (HTTPS / SSL) web browsing?
    No............... it's too slow and unreliable.

    If not... how/what would you do/use?
    A directional antenna and one of the numerous unsecured WiFi hotspots within range

    I may well have totally misunderstood your question, if so, please correct me.

    I think that you have two issues or concepts here, that are frequently contradictory?

    1. Online anonimity and traceability.
    2. Online communications security.


    In scenario #1 I am an urban revolutionary with my copy of the "Anarchist's Cookbook" close to hand (never found anything in there that tasted nice)

    I don't want anyone tracing where I am or where I go on the internet.............. so I don't go anywhere near Google, for a start.

    I could use proxy hopping, which would hide my details from the target location. it would NOT hide my traffic from my ISP, and the mere fact that I was using a proxy might get me access denied or at least draw attention to myself?

    Now, if I use my neighbour's unsecured WiFi, I am not using my ISP, I am using his. In reality I would use the bar down the road............... they are a client and an hotel......... lots of customers on a daily basis, and I know the security, passwords etc.........................

    And I have disabled Global Positioning in my web browser, so it looks like I live 80 miles away.

    On the other hand, I could pick on a neighbour I don't like; use their unsecured WiFi, then go to a proxy.................... The Man will not believe that they were hacked in that scenario?

    In scenario #2 I actually want my online bank or e-commerce supplier to positively identify me. I don't want some online scumbag messing with my account do I? For that I use HTTPS/SSL as that is what they guarantee.
    Last edited by nihil; December 31st, 2011 at 05:24 PM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    Senior Member
    Join Date
    Mar 2008
    Posts
    262
    +1

    In the USA most shopping malls I've encountered have free wi-fi with relatively fast internet access. One can sit at a table and enjoy a beverage while surfing anonymously.

    Bank of America offers patrons a SecurID or similar card to enhance the logon/security process. Most people don't construct complex passwords of sufficient length nor do they change them often enough.

  4. #4
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,535
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  5. #5
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Very interesting video, nice find
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  6. #6
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    I can vouch for The_Jinx, as we've been friends a VERY long time. So usually, if he tells you something, he's generally got a good reason.

    Also, Jinx, if you try and leave again, I'll hunt you down, lol
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  7. #7
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    I have watched that video 3 times, its pretty moving, what is everyones thoughts on it?

    In the video they list companies like websense, bluecoat who configure these devices for censorship ... they are actually out competition here in South Africa to a certain degree so I hate even more now :P
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  8. #8
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,535
    Met the tor guys in the video last summer.
    They spend a lot of time with this cat and mouse game with filter vendors.

    I think it's a really interesting point they make how softwate first designed to keep offices clean can (and wil) be used to sensor people instead of sites.

    Personally I use tor as a tool to find information from sites I don't trust the owners of for example.
    Or sites that run way old versions of certain cmses where I know an attacker could steal the db and find out what I have been reading.
    A couple of weeks ago there was a pastebin of search strings and ip's from a medical site..
    I for one wouldn't want my IP addres connected with (for example) a search on genital warts.

    That being a weak example but you know what I mean ;-)
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  9. #9
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    I do see your point.

    The only problem with tor is the speed. If there wasn't a speed issue I think the vast majority would use it, well the people that know about and understand it.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  10. #10
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Well,

    I, personally, have no need of it, although I can see its uses. I tried it out of curiosity a while back, but it was very slow.

    There again, the closest I will get to China is the restaurant at the top of my road, and as for the others; well I wouldn't go anywhere where they don't understand that getting p1$$ed out of your feckin mind is a fundamental male right, without a thermonuclear weapon.

    They want nukes don't they........................

    For those of us living in relative civilisation, TOR is pretty much academic, particularly when you think that your first jump is to your ISP, who can log everything.

    In less civilised places it does provide a potential route around web filtering, which is not "censorship".

    The downside is that it is very likely to draw attention to yourself.

    Just try to think like "the enemy"...................... I have a population of 30,000,000 to suppress, and 3,000 of them are using TOR.............. err who do you think that my death squads will be visiting tonight?

    Just look at Germany, Russia, China, Japan............... dictatorships don't give a damn about collateral damage, particularly on that kind of scale.

    I prefer my local bar's open WiFi, or the railway station, or the library, or the Town Hall
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides