LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Old 12-07-2010, 09:16 AM   #16
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1301

See:
http://en.wikipedia.org/wiki/Tor_%28...%29#Weaknesses
 
2 members found this post helpful.
Old 12-07-2010, 09:50 AM   #17
barriehie
Member
 
Registered: Nov 2010
Distribution: Debian Lenny
Posts: 136
Blog Entries: 1

Rep: Reputation: 23
Quote:
Originally Posted by vyver
Dear barriehie,
Check out: ipchicken.com and most of us will find out that we are ready for the Cyber slaughter!
TOR+Privoxy bundle is excellent and I can lend a helping hand if need be!

Regards,
vyver.
I've got browser >> squid >> privoxy >> tor >> internet and it's a bit slow at times but otherwise works well, I think. Woke up in Germany this AM... If anyone else installs tor these mods to about:config will speed things up.
Code:
network.http.keep-alive.timeout:600 (300ms default is OK usually, but 600 is better.)
network.http.max-persistent-connections-per-proxy:16 (Default is 4)
network.http.pipelining:true (Default- false. Some old HTTP/1.0 servers can't handle it.)
network.http.pipelining.maxrequests:8 (No default)
network.http.proxy.keep-alive:true (Default- true, but double check)
@H_TeXMeX_H Interesting about the monitoring of the interface between tor and the rest of the world. Guess I'll have to check out my setup a bit more.
 
1 members found this post helpful.
Old 12-07-2010, 10:56 AM   #18
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 782
Blog Entries: 8

Rep: Reputation: 158
Quote:
Originally Posted by cepheus11
Why is that? Tor is about anonymity. Without understanding how the internet works, Tor can give a false sense of privacy. But actually decrease it?

Malicious exit nodes can manipulate transmitted content, service providers can ban accounts using tor (temporary ban happened to me once, I presume because my IP as seen by the website was the same as the IP some evil activity originated from). But I don't think privacy behind Tor is actually worse than without any proxy.
Tor makes you anonymous, but definitely doesn't make you any more secure.

(and yeah, the link he provided elaborates on this)
 
1 members found this post helpful.
Old 12-07-2010, 11:15 AM   #19
jiml8
Senior Member
 
Registered: Sep 2003
Posts: 3,171

Rep: Reputation: 116
Yeah, those weaknesses in Tor are why I seldom use it. Sometimes I use it to establish a connection with an overseas proxy, then use the proxy to go to my final destination.
 
Old 12-07-2010, 11:35 AM   #20
cepheus11
Member
 
Registered: Nov 2010
Location: Germany
Distribution: Gentoo
Posts: 286

Rep: Reputation: 91
Quote:
Originally Posted by H_TeXMeX_H
Thanks for the link.

This resource mentions end-to-end correlation, anonymity-reduction via control over a subset of tor nodes, and username/password sniffing by exit nodes.

I read your statement "tor can actually decrease your privacy" as "privacy with tor is weaker than it is without tor (or any anon proxy)".

End-to-end correlation is a problem if the same party controls the entry and exit nodes of a complete chain. I don't know how probable that is, but maybe you are right here: There are people who can read the complete traffic, and by using tor one gets their attention, where one would have gone unnoticed by them without tor.

Anonymity reduction by partial network view means: There is less anonymity than one might think if one sees tor as a network of completely independent nodes (which it isn't). But anonymity is still greater than without any proxy.

Transmitting unencrypted (SSL) usernames and passwords via tor is even more dangerous than it is without tor: There is one more party which can see your credentials (the exit node). This is what I meant with "false sense of privacy". Unencrypted login is no good anyway.

This is 1 maybe, 1 pro, 1 con for/against Tor. One can just shift the risk from local ISP/target website admin/whoever gets the logs - to some unknown Tor node(s) anywhere in the world.
 
3 members found this post helpful.
Old 12-07-2010, 12:46 PM   #21
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1301
Yes, that sums it up pretty much. I don't use tor because I don't think it's the right solution, and it has those weaknesses, which I choose not to accept.
 
Old 12-07-2010, 01:47 PM   #22
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380
Quote:
Originally Posted by unixfool
Tor makes you anonymous, but definitely doesn't make you any more secure.
Quote:
Originally Posted by H_TeXMeX_H
I don't use tor because I don't think it's the right solution
I would agree that anyone who decides to use Tor as a means to increase security is headed down the wrong path. I think a better approach is to use Tor only if you've taken adequate measures to deal with the additional risks involved, and only if you really need the anonymity it is designed to provide you with when properly used. AFAIK, most people don't need the anonymity, and as such they would be taking unnecessary risks by deploying Tor on their network IMHO.

Last edited by win32sux; 12-07-2010 at 02:11 PM.
 
1 members found this post helpful.
Old 12-07-2010, 06:29 PM   #23
barriehie
Member
 
Registered: Nov 2010
Distribution: Debian Lenny
Posts: 136
Blog Entries: 1

Rep: Reputation: 23
So if you live in the US and are using tor then your worst case scenario is:
1: packets routed to a foreign server which may or may not be suspected of terrorist activity and now you're flagged.
2: ip is not hidden and thus can be attached to a data stream
3: browsing is somewhat slow.

Does that about get it?
 
Old 12-07-2010, 09:55 PM   #24
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380
Quote:
Originally Posted by barriehie
So if you live in the US and are using tor then your worst case scenario is:
1: packets routed to a foreign server which may or may not be suspected of terrorist activity and now you're flagged.
2: ip is not hidden and thus can be attached to a data stream
3: browsing is somewhat slow.

Does that about get it?
Worst case is kinda subjective. For example, worst case for someone might be getting their traffic sniffed, or having malicious code injected into an otherwise harmless Web page they're viewing. So yeah, I actually think you're missing quite a bit on your list. Mainly though, it's the same nastiness users would be susceptible to normally, except now it's worse because of the potential for a false sense of security having been generated, plus the fact that they're sending traffic through nodes (Tor exit nodes, specifically) which can statistically be shown to be more hostile than the alternative. There have been a lot of successful attacks (some of epic proportions) that relied on people being connected via Tor in order to work (as the attackers would have otherwise been severely limited physically/geographically), so this is far from being theoretical.

Last edited by win32sux; 12-07-2010 at 09:57 PM.
 
Old 12-08-2010, 03:32 AM   #25
sag47
Senior Member
 
Registered: Sep 2009
Location: Raleigh, NC
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,862
Blog Entries: 36

Rep: Reputation: 469
Go to about:config in firefox.

Set browser.privatebrowsing.autostart to true. (filter by typing private)

When you start it should automatically be private.

Last edited by sag47; 12-08-2010 at 03:36 AM.
 
1 members found this post helpful.
Old 12-08-2010, 04:06 AM   #26
cepheus11
Member
 
Registered: Nov 2010
Location: Germany
Distribution: Gentoo
Posts: 286

Rep: Reputation: 91
Quote:
Originally Posted by barriehie
So if you live in the US and are using tor then your worst case scenario is:
1: packets routed to a foreign server which may or may not be suspected of terrorist activity and now you're flagged.
Yes (if you happen to get a chain with authority-controlled entry and exit nodes at the same time), but this is not about "Tor or not Tor". You would get more easily flagged by connecting to the suspected server directly. The alternative is to just not connect to that server at all.
 
Old 12-08-2010, 04:13 AM   #27
cepheus11
Member
 
Registered: Nov 2010
Location: Germany
Distribution: Gentoo
Posts: 286

Rep: Reputation: 91
Quote:
Originally Posted by sag47
Go to about:config in firefox.

Set browser.privatebrowsing.autostart to true. (filter by typing private)

When you start it should automatically be private.
This applies when you do not want other users with access to your computer to view your history, cache, cookies, web app store... Or if you want to be absolutely sure that web applications cannot track you through cookies. Private Browsing does not provide anonymity at the IP-level - if you have a static IP address, or it changes only once a day, or you have a unique browser/OS combination, you can still be tracked (with some probability).

Edit: As private browsing is exactly what the OP was about (and IP anonymity has its own disadvantages), I would like to add one thing to the list of firefox addons:

RefControl

Configure it to "No Referrer" for unknown sites, and whitelist sites which need referrers as you notice them. Some shopping sites do not work without referrer.

Last edited by cepheus11; 12-08-2010 at 04:26 AM.
 
1 members found this post helpful.
Old 12-08-2010, 09:12 AM   #28
Amdx2_x64
Member
 
Registered: Jun 2008
Distribution: Left LQ. Mods are too Rude!
Posts: 598

Original Poster
Rep: Reputation: 50
Quote:
Originally Posted by sag47
Go to about:config in firefox.

Set browser.privatebrowsing.autostart to true. (filter by typing private)

When you start it should automatically be private.
Thanks. This I think would help as far as cookies somehow getting stored or something else without my knowledge and despite the add-ons. As I said I despise the idea of being watched (well for anything,) but especially so someone else can tell me what I want and use me for a dollar.

cepheus11
Thanks. I will also check this add-on out as well.

I am very close to breaking myself away from this game. But I think what I might be doing is re-installing Arch Linux (So I can try Wine again with WoW, Arch has better fps for me, plus I have only what I want/need running.) and setting up Firefox as well with all the add-ons. (I am writing a list, well modifying mine, based on this thread and I have this page bookmarked.)

I am hearing some great stuff here. I know nothing is 100% but I appreciate all the very helpful ideas and debates/discussions.

I have another question I would like to ask. I use macchanger. I can also manually change my mac address with my router. When I do this it resets my IP address, (I have to unplug my modem and plug it back in for it to pick up the changes with the mac address and give me another IP address.) I mention this because I would like to know if there is a way I can use this for extra security, privacy, etc. somehow?

Edit: An afterthought. I use a couple of more add-ons. Is anyone aware of potential security risks or actual security risks with them?
* Febe (I know with this there could be a chance of information physically being stolen but I keep that data encrypted and only back up passwords, bookmarks and add-ons.)
* SmoothWheel
* United States English Spell Checker (I really hope this one is fine. Hate to post without checking my spelling, it is atrocious at times, lol)
* User Agent Switcher

I haven't heard anything bad about them. But thought I would ask anyways.

Last edited by Amdx2_x64; 12-08-2010 at 09:29 AM.
 
Old 12-08-2010, 11:19 AM   #29
sag47
Senior Member
 
Registered: Sep 2009
Location: Raleigh, NC
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,862
Blog Entries: 36

Rep: Reputation: 469
Quote:
Originally Posted by cepheus11
This applies when you do not want other users with access to your computer to view your history, cache, cookies, web app store... Or if you want to be absolutely sure that web applications cannot track you through cookies. Private Browsing does not provide anonymity at the IP-level - if you have a static IP address, or it changes only once a day, or you have a unique browser/OS combination, you can still be tracked (with some probability).

Edit: As private browsing is exactly what the OP was about (and IP anonymity has its own disadvantages), I would like to add one thing to the list of firefox addons:

RefControl

Configure it to "No Referrer" for unknown sites, and whitelist sites which need referrers as you notice them. Some shopping sites do not work without referrer.
I didn't imply that it would. If you're really worried about anonymity then you can simply use my software if you at least know basic terminal knowledge.

I wrote a proxy tester which generates a wpad.dat file for your browser. View the wiki for more information. It's hard to depend on security software unless you can either view the source or write it yourself IMO.

In Firefox, every connection made goes randomly through a different proxy. You just have to find an anonymous proxy list. So you could possibly go through 10 different proxies downloading a single web page. Just from a little text file.

Start with a google search or Mr. Hinky Dink's Proxy List. Then you can use FoxyProxy. If you want to use a single proxy server then use a CoDeeN proxy (which goes through a University). They're probably the safest.

You can check your anonymity by viewing your http headers (Perl script not written by me) or checking out this image.

I could talk all day about security solutions and what you could do to protect yourself on the net but I don't want to talk any further, hijacking the OP's thread. So if you want to know more, start a new thread, link me to it.

Last edited by sag47; 12-08-2010 at 11:38 AM.
 
1 members found this post helpful.
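The header check mentioned in the post above can be reproduced offline. The following Python is an added example, not sag47's software or the linked Perl script; it classifies what a destination server learns from the request headers it receives. The function names, the header list and the sample addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
import re

# Headers that proxies commonly add (assumed list, not exhaustive).
PROXY_MARKERS = {"via", "forwarded", "x-forwarded-for", "x-real-ip",
                 "client-ip", "proxy-connection"}
IP_TOKEN = re.compile(r"[0-9A-Fa-f:.]{3,}")

def extract_ips(value):
    """Return every valid IPv4/IPv6 address embedded in a header value."""
    found = set()
    for token in IP_TOKEN.findall(value):
        # Try the token as-is, then with a trailing ":port" removed.
        for cand in (token, token.rsplit(":", 1)[0]):
            try:
                found.add(str(ipaddress.ip_address(cand.strip("."))))
                break
            except ValueError:
                continue
    return found

def classify(headers, real_ip):
    """Return (level, evidence) for headers as received by the server.
    transparent: the client's real address is disclosed
    anonymous:   proxy use is visible, the real address is not
    elite:       neither is visible in the headers
    """
    real = str(ipaddress.ip_address(real_ip))
    leaked, proxied, evidence = False, False, []
    for name, value in headers.items():
        if real in extract_ips(value):
            leaked = True
            evidence.append(f"{name} discloses {real}")
        elif name.lower() in PROXY_MARKERS:
            proxied = True
            evidence.append(f"{name} reveals a proxy")
    level = "transparent" if leaked else "anonymous" if proxied else "elite"
    return level, evidence

# Constructed sample requests; 203.0.113.7 stands in for the client's address.
SAMPLES = {
    "squid default": {"Via": "1.1 cache (squid)", "X-Forwarded-For": "203.0.113.7"},
    "ip stripped": {"Via": "1.1 proxy.example", "X-Forwarded-For": "unknown"},
    "no markers": {"User-Agent": "Mozilla/5.0", "Accept": "*/*"},
}

if __name__ == "__main__":
    for label, hdrs in SAMPLES.items():
        print(label, classify(hdrs, "203.0.113.7"))
```

This inspects headers only; the server always sees the source address of the TCP connection itself, which is the address of the last proxy in the chain.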
Old 12-08-2010, 11:53 AM   #30
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1301
Talk to your ISP about your IP address, because you can actually have them change it once in a while.
 
  


All times are GMT -5. The time now is 09:11 PM.
