D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Tor Project

 

On 04/04/13 16:32, bad apple wrote:

Why on earth would you suspect that I, of all the fine upstanding
citizens of the internet, would know anything about Tor eh Neil?

Ok, guilty as charged! Not only do I use Tor, I also run an exit node
and have run several others previously.

As others have pointed out, Tor is an anonymity tool and not anything
else: it certainly won't help you trim down your spam count. It is used
when you want your originating IP to be something other than the one
that can be trivially traced to your ISP account by the powers that be -
obviously this has many uses, some nefarious and some perfectly valid.
It is commonly used by:

Evil spammers who relay their exit nodes out over Tor (these are mostly
blocked by mail admins)
Hackers (obviously - the good ones have their own private proxy chains
built from compromised hosts as well)
Activists (in my opinion the most valid and essential use for the Tor
network)
Whistleblowers (Bradley Manning should have used Tor, not that it would
have ultimately saved him)
Downloaders (very handy for accessing thepiratebay.se and other 'banned'
sites)
Shoppers (the only way to connect to the infamous 'silk road' online
drugs supermarket)

Personally, I use it for reasons 2 and 5 on the list - as I happen to
believe very strongly in freedom of expression and sidestepping
censorship on principle I firmly support the Tor initiative as the need
for Tibetan, Iranian and oppressed peoples all over the world to
communicate freely is critical (much more important than my 'need' to
access the Pirate Bay for example). Certainly and inevitably, some
people do abuse the Tor service but it is an increasingly vital player
in a depressingly segmented and balkanised internet.

Some notes: if you're going to use it, get the up to date versions from
https://www.torproject.org as the versions in the repos are out of date.
On windows, just grab the Tor browser bundle. On Linux, use a secondary
browser and set it (I happen to use Chromium locked in private mode)
permanently to your internal Tor proxy - don't forget that virtually any
program can be routed over Tor using a 'socks-ifier' such as tsocks. If
you're serious about anonymity, do *NOT* use your normal browser - such
as Firefox with an extension to switch between proxy settings (like
Torbutton, FoxyProxy) as your browser can be independently
finger-printed at the other end, somewhat defeating the object.

Used correctly, Tor provides very strong anonymity - even though it's
commonly known that several (perhaps even the majority) of Tor exit
nodes are run by and monitored by intelligence agencies, short of 'black
boxing', a theoretical attack where government agencies with nearly
unlimited access to computing power and the telecoms infrastructure
compare *all* ingress and egress points across a given area to match a
specific connection by timing signatures - so unless you are doing
something unbelievably naughty it's highly dependable to keep you out of
trouble.

Similar but different technologies include i2p and Freenet, both easily
found on the internet. i2p sadly is a java app and thus sucks quite a lot.

Cheers

Yes, I do understand that Tor will not help with spam emails. Just showing my irritation I suppose.

I do normally use Firefox as my browser. I do not have Chromium installed. I have tried it in the past, before I upgraded to my current distro, and I did not like it at all. I do have Opera installed, would that one do? Is the idea that I would use this secondary browser just for Tor?

Thanks

Neil

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq