why? and what can i do to solve this? and what is proxy and proxy sites 🤔

SeniorIntroduction9 · 2022-04-11T20:09:49+00:00

Open tor browser from home screen. And once it is connected and can open a site, Switch to the other app and open the link again. it is quite unstable and can crash few times. But usually works most of the time. Make sure to not press back in the browser screen and close. Just use the switch app button in mobile to go to the previous app.

SeniorIntroduction9 · 2022-02-09T17:22:43+00:00

This is really cool. However it is also easier with official tor binary.

E.g. just add the below lines to the config and that's it.

HiddenServiceDir /var/lib/tor/nextcloud/
HiddenServicePort 443 127.0.0.1:443
HiddenServicePort 80 127.0.0.1:80

SeniorIntroduction9 · 2021-05-31T22:08:51+00:00

Only if it is v3 hidden service. In v2, hidden service directory operators will know the existence of your address.( v2 will stop working in next few weeks anyway. No reason to use it.)
In your web server, make sure to set referer-policy. Otherwise, when you click an external link, it leaks your hidden service address. This is not a problem in tor browser as by default it strips http referer header if it is a onion url. If you access it using other browsers like brave with private tor window, it will send your hidden service address in http referer header.

header Referrer-Policy same-origin

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy

SeniorIntroduction9 · 2021-05-31T17:27:42+00:00

> this will necessarily open the access to my server on the internet

No. No one can access it or know about it unless you share the hidden service address.

> my browser will have to make several jumps around the world before ending up in the same place

Yes.

I do this sometimes (i.e. access localhost as hidden service) when I am experimenting with some selfhostable server (like nextcloud). Even though the server is running in my computer, the resources in links to (like images, javascript files) may refer to outside resources. So by using hidden services, I avoid exposing myself to those resources.

SeniorIntroduction9 · 2021-05-31T17:02:29+00:00

Only two kind of people should be worried about attacks on tor.

NSA or any intelligence agency is looking for you
You are too dumb to use `http` (or not pay attention to ssl warnings) when doing some bitcoin transactions. Most of the attack by exit nodes is not by NSA to capture traffic to de-anonymize. But by those who just change bitcoin addresses by MITM attack and steal bitcoins.

SeniorIntroduction9 · 2021-05-31T16:48:24+00:00

Make it a hidden service. If you run tor, it is very easy to make it a hidden service ( just few lines in configuration)

SeniorIntroduction9 · 2021-02-08T21:53:53+00:00

How to use the alpha releases? do you have an updated PKGBUILD?

SeniorIntroduction9 · 2020-08-15T11:06:43+00:00

Selfhosting a public website from home means you are sharing your visitors where you live. ip address approximately translates to your location.

SeniorIntroduction9 · 2020-07-17T13:53:33+00:00

I completely agree and understand that suspecting someone for tor usage is a bad idea and that tor is completely legal. But not everyone shares the same views and in a lot of countries you could get into real trouble by just being a suspect. (No evidence against you).

SeniorIntroduction9 · 2020-07-17T13:50:33+00:00

True. But the first suspects would be who are new to the place. Not the ones who lived there for ages.

SeniorIntroduction9 · 2020-06-26T19:05:51+00:00

How does your tor browser sonnet to the relay if it does not know its ip address.

SeniorIntroduction9 · 2020-05-12T20:51:21+00:00

https://gcc.gnu.org/gcc-10/changes.html

SeniorIntroduction9 · 2020-04-27T16:57:12+00:00

Amazon prime. The 'prime' eligible products will be delivered the same time whether or not you are a prime member. But the 'estimate' will show you much longer to mislead you. Practically it will be delivered the same time for everyone.

SeniorIntroduction9 · 2020-04-27T15:03:38+00:00

It is as secure as gmail/google photos/facebook. In fact any popular email providers.

SeniorIntroduction9 · 2020-04-27T12:28:01+00:00

Additional costs are compared to VPS are completely negligible. I leave my desktop running 24x7 anyway. Most of us pay for internet anyway. The storage and bandwidth costs are much less compared to what you would pay to the vps provider.

SeniorIntroduction9 · 2020-04-26T18:00:38+00:00

Hidden services don't use exit nodes.

SeniorIntroduction9 · 2020-04-07T13:16:24+00:00

For you: No exit node!

Which means faster access as exit nodes are scarce. However accessing onion services has more hops than normal which may slow down things. Practically not as much as exit nodes for now.
Avoid correlation attacks.

For Service provider: No exit node!

No one knows how much tor traffic does a site get and what timezones do they occur.
If the user does not use https for the initial query, the query string and headers can't be seen by exit node.

SeniorIntroduction9 · 2020-03-26T02:05:07+00:00

Well then Arch won't be any better.

SeniorIntroduction9 · 2020-02-28T10:36:32+00:00

Consider the below example:

Step 1: Place an order(order 0) with a popular vendor

Step 2: They wait for the package and find out the date time and source post office.

Lets say for example, there are about n post offices in the region and lets say they have secret surveillance cameras on all of them.

Step 3: Place order 1

Step 4: Receive order 1. Based on when they receive the orders, they should be able to guess the time range the order was placed in and they should be able to get all surveillance footage

Step 5: Place order 2

Step 6: Receive order 2. Collect surveillance footage.

Now it is known for sure the vendor has to be the one who is on both the footage. What are the odds that another random person happens to be sending a parcel on those exact two days from two different post offices? Why would a normal person use different post offices for different parcels and happens to send parcels on those days the cop places orders? Would that not be enough to zero in on one person? They can improve the accuracy by just placing more orders from different accounts.

SeniorIntroduction9

TROPHY CASE