TOR browser
Posted: Wed Jul 10, 2019 1:10 pm
So, what do you guys here think, is using the TOR browser regularly a good idea? I think that it is. We need more regular Tor users to remove the stigma that the users of the TOR browser, and similar privacy-protecting tools, have. Privacy protection is a good thing even if you think you have nothing to hide, and it's important for people to realize that.
The media has, if you ask me, done an excellent job completely misinforming people about security on-line. TOR browser is being demonized as being useful only for drug trafficking and other very illegal things, as if somehow the only people who should care about their privacy on-line are people doing those things.
"If you have nothing to hide, you don't need to worry about privacy." is one of the most dangerous ways of thinking, just ask anybody who has had their identity stolen. We should use every bit of security we can afford to use, because we never know how much security we actually need until it's too late. Tor regularly adds three layers of encription to the data you send on-line, and you can add two more by using the "meek" protocol.
Right now, it's trivial for a hacker (and for the government) to see exactly which websites you visit. Once DNS over TLS and ESNI become widely accepted, that will fix some of the flaws the hackers can use to track your on-line activities, but not nearly as many flaws as using TOR does.
A common misconception is that you can't hide you are using TOR, and so you might bring surveillance onto yourself by using it. While it's true that the government can potentially see you are using TOR if you are using the default configuration (though even then it's significantly harder to detect than it is to detect, for example, if you are using Skype, or a low-quality VPN), it's trivial to configure TOR to use "obfs4" or "meek" protocol, which makes it almost impossible to detect you are using TOR. So, if you are paranoid that you will be persecuted for using TOR (which has, as far as I know, never actually happened), there is a simple fix for that. Though it might be unethical towards people who actually live under repressive governments, because the servers ("bridges") that use "obfs4" and "meek" tend to have limited bandwidth.
Mainstream media has made it that Internet users who worry about their privacy and security do things that actually make them less secure. There is little doubt that most antivirus programs (Avast, McAfee...) actually make us less secure, and that those that actually help (MSE, ClamAV...) do it by a very small margin. Don't take it from me, take it from a Mozilla security expert. Yet, if you say that to somebody who takes his information from the mainstream media, they will likely call you crazy.
The media has, if you ask me, done an excellent job completely misinforming people about security on-line. TOR browser is being demonized as being useful only for drug trafficking and other very illegal things, as if somehow the only people who should care about their privacy on-line are people doing those things.
"If you have nothing to hide, you don't need to worry about privacy." is one of the most dangerous ways of thinking, just ask anybody who has had their identity stolen. We should use every bit of security we can afford to use, because we never know how much security we actually need until it's too late. Tor regularly adds three layers of encription to the data you send on-line, and you can add two more by using the "meek" protocol.
Right now, it's trivial for a hacker (and for the government) to see exactly which websites you visit. Once DNS over TLS and ESNI become widely accepted, that will fix some of the flaws the hackers can use to track your on-line activities, but not nearly as many flaws as using TOR does.
A common misconception is that you can't hide you are using TOR, and so you might bring surveillance onto yourself by using it. While it's true that the government can potentially see you are using TOR if you are using the default configuration (though even then it's significantly harder to detect than it is to detect, for example, if you are using Skype, or a low-quality VPN), it's trivial to configure TOR to use "obfs4" or "meek" protocol, which makes it almost impossible to detect you are using TOR. So, if you are paranoid that you will be persecuted for using TOR (which has, as far as I know, never actually happened), there is a simple fix for that. Though it might be unethical towards people who actually live under repressive governments, because the servers ("bridges") that use "obfs4" and "meek" tend to have limited bandwidth.
Mainstream media has made it that Internet users who worry about their privacy and security do things that actually make them less secure. There is little doubt that most antivirus programs (Avast, McAfee...) actually make us less secure, and that those that actually help (MSE, ClamAV...) do it by a very small margin. Don't take it from me, take it from a Mozilla security expert. Yet, if you say that to somebody who takes his information from the mainstream media, they will likely call you crazy.