Tor privacy and safety

flash23

flash23

Adept
Does using sites and services like gmail, facebook, netbanking, CC transactions through Tor have any disadvantages?
As far as I know tor has onion servers all around the world, which are probably much secure than whatever currently being used by default, but there was a revalation that many of NA-east coast servers were compromised but are back secure. Also there is a fact that the US gov indirectly support tor development and usage.

In short what are the downfalls of using tor? Would appreciate some informative response.
 
It all boils down to how much security/privacy do you really need. You data is already being crawled by foreign govt. and is easily available with a warrant.

If its protection from malicious actors then you are more vulnerable at the Client end than your connection.

Are you worried about our own Govt. spying on you & your anonymous activities then get a secure VPN in a country which wont give 2 shits about Indian warrants or Tor and you're set.
 
Not worried about govt, heck they already have or can easily access data. I am concerned regarding the usual malicious actors- the CC and identity thieves.
 
flash23 said:
Not worried about govt, heck they already have or can easily access data. I am concerned regarding the usual malicious actors- the CC and identity thieves.
Click to expand...
if its just basic security that you are concerned for the just use the incognito / private mode in browser.
 
Incognito or private mode only hides details in local computer. All the traffic is still visible on isp side. He should get a vpn if he's that paranoid about online activities.

Edit: using tor for netbanking is even more weird. In normal way, the bank server provides one-one encrypted connection to your computer. With tor, god knows how many different comps the connection passes through before terminating at your end. It might even lead to failed transactions if something goes wrong. Plus ip address on bank site which gets logged will never match so if you get a problem, it would be hard to get your money back.
 
Last edited:
TOR is for anonymity,not privacy....i hope you can understand the difference between two....

that being said.it is never advised to use any type of anonymous services for those who know you,i.e. your bank,your email provider etc...as they already know you so hiding your IP wont make any difference,it will only make your account look suspicious when ip changes so frequently....and there is more chance of your credit card info getting hacked on TOR rather than direct connection.

i will say again.use TOR for anonymity,not privacy.
 
flash23 said:
As far as I know tor has onion servers all around the world, which are probably much secure than whatever currently being used by default, but there was a revalation that many of NA-east coast servers were compromised but are back secure. Also there is a fact that the US gov indirectly support tor development and usage.

.
Click to expand...

more servers your data go through before reaching its final destination,more are the chances of it getting intercepted and hacked.

if you have a direct connection from your home to your bank then that would be the most secure option to access your bank account,not when you first connect to france,then germany,US,kenya and then back to india.

besides,banks use SSL secure connections.so intercepting and reading information is almost impossible for an amateur hacker,not so for NSA though....most of the credit card info is hacked using simple keyloggers and malwares installed in your system instead of someone trying to break SSL.
 
flash23 said:
Does using sites and services like gmail, facebook, netbanking, CC transactions through Tor have any disadvantages?
As far as I know tor has onion servers all around the world, which are probably much secure than whatever currently being used by default, but there was a revalation that many of NA-east coast servers were compromised but are back secure. Also there is a fact that the US gov indirectly support tor development and usage.

In short what are the downfalls of using tor? Would appreciate some informative response.
Click to expand...
Tor is for anonymity not for security. Netbanking wont work with tor. If it does the transactions might get flagged.
 
@6pack I was having the same doubt. I use firefox as my primary browser, but the regular version containing flash, addons, etc get replaced by the on in the bundle.
Is there any way to have both firefox versions to coexist?
Also I guess things like hotspot shield are also no-no for stuff like email, social n/w, banking, etc.
 
For multiple versions of Firefox you need to do custom installation. Maybe run the tor package from from its own folder or something like that.
Another method is to use custom profiles. Lots of articles on net on how to use two or more profiles in Firefox.
 
Well anyways. I installed the bundles and ran my system for a while as an exit relay. Quite a fascinating concept. Will make my DL rig a dedicated exit relay. BOINC+TOR+uTorrent x 24 x 7 = :). Actually what the web was meant for. Shared services with zero charge...!
 
flash23 said:
@6pack I was having the same doubt. I use firefox as my primary browser, but the regular version containing flash, addons, etc get replaced by the on in the bundle.
Is there any way to have both firefox versions to coexist?
Also I guess things like hotspot shield are also no-no for stuff like email, social n/w, banking, etc.
Click to expand...

The tor'd version of Firefox is separate from your regular Firefox primary browser and the two can co-exist. Just change your network settings in your primary Firefox browser to point to the proxy running from the tor bundle and your regular Firefox will run across tor. The regular Firefox browser with an unlocked down config, plugins and addons will leak information via DNS queries, flash cookies, Javascript etc though. That is why you have the browser in the tor bundle which is configured to ensure that it does not leak any information via DNS, flash cookies, Javascript etc. to the unTor'd network. Tor only gives you some level of anonymity but does not give you security. Also, be aware that unless your connection is end to end encrypted, the tor exit node can see your plain text traffic, so don't use it with sites that are not SSL secured for the entire session.
 
Only way to hide ip address is some vpn or if isp hides ip address of individuals at their end. I've seen some people in swarm with ip address field only showing isp name and nothing else.
Didn't check in netstat what was shown though.
 
flash23 said:
Wont having an exit relay bog down your download speed? Which is the main purpose of the DL rig. You could also try peerblock, which tough not fullproof, is quite effective to save from prying eyes.
Click to expand...

There are options in there to keep low speeds. I can leave it on 256 kbps, even. It is a fascinating concept. And I love to provide.

Oh...by the way. I am not using TOR for privacy. LOL. I tried it once, found it decent. I browse normal, and nothing hyper about privacy. Just the out-relay concept seems great, and if I can help others on the www, why not. For free, too. That is how the web works.
 
Back
Top