Not as safe as you thought it was - I did try an tell ya...
http://www.zdnet.com/inside-the-tor-expl...&ttag=e539
Summary: Some of the people who were most concerned about Internet privacy, and we're using the Tor anonymous Internet service to protect it, may have been the most exposed.
This is why I use Linux
@BM - not quite as clear as it seems - beware of mainstream media.
This exploit affects "hidden" servers. These are servers which are not connected to the mainstream internet but are 'hidden' as a service in Tor. Their URLs look something like this
Http://a812jaxsdj12931^%.onion
A TOR browser will intercept this and deliver it to the hidden server. The news essentially relates to kiddie-porn sites so good luck if they get arrested.
The bug is essentially a Javascript exploit in the Windoze version of TOR Browser
which has already been fixed. It doesn't apply to the Mac or Linux versions.
It also doesn't apply when you use TOR Browser to visit regular prepper/survivalist websites
There are workarounds but if you are seriously worried or your paranoia levels are high, then use an Internet Cafe, or take your laptop into a MaccyD's or Coffee House where they have free wifi.
(6 August 2013, 15:30)River Song Wrote: [ -> ]@BM - not quite as clear as it seems - beware of mainstream media.
This exploit affects "hidden" servers. These are servers which are not connected to the mainstream internet but are 'hidden' as a service in Tor. Their URLs look something like this
Http://a812jaxsdj12931^%.onion
A TOR browser will intercept this and deliver it to the hidden server. The news essentially relates to kiddie-porn sites so good luck if they get arrested.
The bug is essentially a Javascript exploit in the Windoze version of TOR Browser
which has already been fixed. It doesn't apply to the Mac or Linux versions.
It also doesn't apply when you use TOR Browser to visit regular prepper/survivalist websites
There are workarounds but if you are seriously worried or your paranoia levels are high, then use an Internet Cafe, or take your laptop into a MaccyD's or Coffee House where they have free wifi.
TOR is for hidden services - how else do you access the Silk Road?
And this is just one documented exploit, we know there are others.
If you want to keep believing that TOR protects you online then good for you
There are three things here;
1) You as a user could connect to a Tor site handling survival material. Unknown to you there is also child porn on there and the Stasi have your address. Several years ago there was a massive round up of people, 8000 or so, who were accussed of child porn. Many pled guilty because they were threated with dire consequences if they didn't yet there was no real eveidence against most of them. They had simply used a service to access legal material that was also used for child porn. Never trust the Stasi.
2) The Stasi have been using this technique on the Internet for years. Proxy servers, Anon Mailers, everything has had a trojan horse set up by the Stasi and used to monitor and track you. However, Tor is different. If you use it to browse around you will come across their servers at some point simply because you don't recognise the names and people, and govs, inject malicious code.
3) SUrely hacking someones computer and injecting malicious code is a crime. Someone should report this.
Be careful out there.
(6 August 2013, 16:53)Skean Dhude Wrote: [ -> ]3) SUrely hacking someones computer and injecting malicious code is a crime. Someone should report this.
Who polices the police?
Therein lies the problem...
With all the information Snowdon released it's painfully obvious that nothing is 100% secure - believing in the hype from something that claims to provide 100% anonymity is dangerous. My IP will definitely have been logged, as I frequently browse the silk road on this laptop. One saving grace is that it connects over the work N3 connection
I think a number of misunderstandings here.
@BM - TOR is not for just hidden services aka .onion services. Yes there are a lot of those but I use TOR to access mainstream sites which are not hidden.
@SD - yes you might access a site for say "Blackberry medicine" which is located on a shared server with an address 123.255.12.17. IF on that machine there is also a porn site, then you could be compromised although IP logs do differentiate between virtual servers.
But yes - considering Snowdon, -- nothing is 100% safe so plan accordingly.