|
Quote:
Code:
network.http.keep-alive.timeout:600 (300ms default is OK usually, but 600 is better.) |
Quote:
(and yeah, the link he provided elaborates on this) |
Yeah, those weaknesses in Tor are why I seldom use it. Sometimes I use it to establish a connection with an overseas proxy, then use the proxy to go to my final destination.
|
Quote:
This resource mentiones end-to-end correlation, anonymity-reduction via control over a subset of tor nodes, and username/password sniffing by exit nodes. I read your statement "tor can actually decrease your privacy" as "privacy with tor is weaker than it is without tor (or any anon proxy)". End-to-end correlation is a problem if the same party controls the entry and exit nodes of a complete chain. I don't know how probable that is, but maybe you are right here: There are people who can read the complete traffic, and by using tor one gets their attention, where one would have gone unnoticed by them without tor. Anonymity reduction by partial network view means: There is less anonymity than one might think if one sees tor as a network of completely independent nodes (which it isn't). But anonymity is still greater than without any proxy. Transmitting unencrypted (SSL) usernames and passwords via tor is even more dangerous than it is without tor: There is one more party which can see your credentials (the exit node). This is what I meant with "false sense of privacy". Unencrypted login is no good anyway. This is 1 maybe, 1 pro, 1 con for/against Tor. One can just shift the risk from local ISP/target website admin/whoever gets the logs - to some unknown Tor node(s) anywhere in the world. |
Yes, that sums it up pretty much. I don't use tor because I don't think it's the right solution, and it has those weaknesses, which I choose not to accept.
|
Quote:
Quote:
|
So if you live in the US and are using tor then your worst case scenario is:
1: packets routed to a foreign server which may or may not be suspected of terrorist activity and now you're flagged. 2: ip is not hidden and thus can be attached to a data stream 3: browsing is somewhat slow. Does that about get it? |
Quote:
|
Go to about:config in firefox.
Set browser.privatebrowsing.autostart to true. (filter by typing private) When you start it should automatically be private. |
Quote:
|
Quote:
Edit: As private browsing is exactly what the OP was about (and IP anonymity has its own disadvantages), I would like to add one thing to the list of firefox addons: RefControl Configure it to "No Referrer" for unknown sites, and whitelist sites which need referrers as you notice them. Some shopping sites do not work without referrer. |
Quote:
cepheus11 Thanks. I will also check this add-on out as well. I am very close to breaking myself away from this game. But I think what I might be doing is re-installing Arch Linux (So I can try Wine again with WoW, Arch has better fps for me, plus I have only what I want/need running.) and setting up Firefox as well with all the add-ons. (I am writing a list, well modifying mine, based on this thread and I have this page book marked.) I am hearing some great stuff here. I know nothing is 100% but I appreciate all the very helpful ideas and debates/discussions. I have another question I would like to ask. I use macchanger. I can also manually change my mac address with my router. When I do this it resets my IP address, (I have to unplug my modem and plug it back in for it to pick up the changes with the mac address and give me another IP address.) I mention this because I would like to know if there is a way I can use this for extra security, privacy, etc. somehow? Edit: An after thought. I use a couple of more add-ons. Is anyone aware of potential security risks or actual security risks with them? * Febe (I know with this there could be a chance of information physically being stolen but I keep that data encrypted and only back up passwords, bookmarks and add-ons.) * SmoothWheel * United States English Spell Checker (I really hope this one is fine. Hate to post without checking my spelling, it is atrocious at times, lol) * User Agent Switcher I haven't heard anything bad about them. But thought i would ask anyways. |
Quote:
I wrote a proxy tester which generates a wpad.dat file for your browser. View the wiki for more information. It's hard to depend on security software unless you can either view the source or write it yourself IMO. In Firefox, every connection made goes randomly through a different proxy. You just have to find an anonymous proxy list. So you could possibly go through 10 different proxies downloading a single web page. Just from a little text file. Start with a google search or Mr. Hinky Dink's Proxy List. Then you can use FoxyProxy. If you want to use a single proxy server then use a CoDeeN proxy (which goes through a University). They're probably the safest. You can check your anonymity by viewing your http headers (pearl script not written by me) or checking out this image. I could talk all day about security solutions and what you could do to protect yourself on the net but I don't want to talk any further, hijacking the OP's thread. So if you want to know more, start a new thread, link me to it. |
Talk to your ISP about your IP address, because you can actually have them change it once in a while.
|
All times are GMT -5. The time now is 11:11 PM. |