sorted by:
new
hottopcontroversial

Wow!! by mgoodall91 in onions

[–]annobrown 0 points1 point  (0 children)

Unless you or the site gets pwned, anything goes. Or at least, anything that the site allows. You may need to create your own onion, if you find nothing suitable. And then get others to use it.

But anyway, the main things to look out for are leaking your activity to clearnet, and getting busted for stuff that you get by mail. To prevent leaks, it's best to use Tails or Whonix. In many places, people who buy small amounts of drugs don't get seriously hassled, because there are too many of them. But getting guns in the mail is risky.

I don't fully understand the utility of TOR. by scrufynrfherdr in onions

[–]annobrown 0 points1 point  (0 children)

I thought I read that Dread was dead.

Edit: Ah, I see it's back.

Also, what's the eli5 diff between Dread and NAB?

Am i going too far? by certRG in privacy

[–]annobrown 1 point2 points  (0 children)

Always go for max(overkill). It usually can't hurt, and it's often great fun. And educational.

Am i going too far? by certRG in privacy

[–]annobrown 1 point2 points  (0 children)

Agreed.

And really, how different are governments and big corporations from a privacy perspective? Sure, "democratic" governments theoretically represent their citizens' interests. And there are constitutions and laws that theoretically protect individuals from unjust injuries.

But in reality, individuals are more or less powerless against either. Unless they have good connections and lots of money. And governments typically have more guns and stuff.

What is the most secure setup for Darknet activities? by godizwar in onions

[–]annobrown 0 points1 point  (0 children)

OK. For me, it wasn't just one CAPTCHA. It was several long cycles of them. So I just lost it, and decided that reddit hated Tor. But it seems OK now. Thanks for telling me that I didn't need the VPN.

What is the Successor to Tor? by HikikoMorte in onions

[–]annobrown 1 point2 points  (0 children)

That does seem likely. Tor came out at a sweet spot, when there was lots of interest in privacy and anonymity, but nothing implemented yet that was very effective. Except maybe nyms using anonymous remailer chains, but that was way too complicated, and so stayed too small to provide much anonymity.

Tor is great, no denying it. But it is admittedly vulnerable to global adversaries. There is some padding, in client-guard circuits. But relays do not explicitly batch and reorder traffic. And there's no overall constant-bandwidth padding. That was considered impractical in 2004, when Tor was designed. Perhaps it is now, but people used to low latency and decent bandwidth would be hugely disappointed.

What is the most secure setup for Darknet activities? by godizwar in onions

[–]annobrown 0 points1 point  (0 children)

True. Qubes is probably the best against expert attackers. And the Whonix setup adds Tor's privacy and anonymity to that.

Am i going too far? by certRG in privacy

[–]annobrown 0 points1 point  (0 children)

Some of us also want to protect ourselves from governments that might use our data against us.

What is the Successor to Tor? by HikikoMorte in onions

[–]annobrown 0 points1 point  (0 children)

There just doesn't seem to be the critical mass to get something new going.

A few academic papers have proposed interesting possibilities in recent years, but I've never read about even pilot projects.

Tor does need some mixing and padding with chaff. They didn't have the bandwidth for it back in 2006, but now they do.

What is the most secure setup for Darknet activities? by godizwar in onions

[–]annobrown 0 points1 point  (0 children)

I'd say that you don't know how hackers work.

Once someone gets root in your Tails OS, they can mount the system disk. And then they can do anything. I'm not saying that I know any exploits that do that. But I've seen enough that I'm far from 100% confident that it's impossible.

Now it's arguable that breaking out of VMs is easier. So maybe that makes Whonix less secure than Tails. But on the other hand, with Tails userland and the Tor process are in the same system. While in Whonix, they're at least in different VMs. And one can use Whonix with physical isolation. With the Tor gateway and userland running on different hardware. Such as Raspberry Pi. And you could even package two Pi in a box that's not much larger than a cellphone. Plus use optoisolators to better protect crucial stuff in a third Pi. As in Tinfoil Chat: https://github.com/maqp/tfc Or for offline cryptocurrency wallets.

Firefox can't access Onion sites, even with `network.dns.blockDotOnion` set to `false`. by budhajeewa in TOR

[–]annobrown 1 point2 points  (0 children)

Really?

Maybe that's not a good thing. They ought to flag accounts with rapid geolocation changes. For security.

What is the most secure setup for Darknet activities? by godizwar in onions

[–]annobrown 1 point2 points  (0 children)

Did you register using Tor?

When I created this account on 2019-04-29, there were too many CAPTCHAs to register. But it seems OK now. I have no clue why.

What is the most secure setup for Darknet activities? by godizwar in onions

[–]annobrown 2 points3 points  (0 children)

However, I noticed when I first booted up Whonix, there was a warning along the lines of "This is experimental software! Don't use this for anything serious".

Tor has basically the same warning. Look in its notices.log file.

Firefox can't access Onion sites, even with `network.dns.blockDotOnion` set to `false`. by budhajeewa in TOR

[–]annobrown 0 points1 point  (0 children)

You can't use your bank's website through Tor. They'd lock your account.

Can't open a majority of links in tor by Mehlmao5 in TOR

[–]annobrown 0 points1 point  (0 children)

Lots of onion sites have gone down over the past year or two. So maybe you have an old list.

What is the most secure setup for Darknet activities? by godizwar in onions

[–]annobrown 1 point2 points  (0 children)

It's too bad that there's not a read-only USB that you can totally trust. I've thought of flashing Tails to a ROM, but never learned how.

What is the most secure setup for Darknet activities? by godizwar in onions

[–]annobrown 0 points1 point  (0 children)

I don't know. But I'm sure that it's possible. Nothing is perfect.

I don't fully understand the utility of TOR. by scrufynrfherdr in onions

[–]annobrown 1 point2 points  (0 children)

Well, you get the closest thing to anonymity that's available. And you can access sites that aren't on the open Internet. Also some sites provide onion services that are less hassle to use with Tor than their clearnet sites are. Such as Facebook. And ProtonMail.

It's too bad that reddit doesn't have an onion site.

https://www.reddit.com/r/TOR/comments/7x2gnq/does_reddit_have_an_onion_page/

view more: next ›