Poll: Tor, security, privacy


#1

I was wondering how much of the people who are interested in a privacy related project (that is, you guys) are actually taking the effort to be private and secure on the internet.

  • I use Tor at least occasionally
  • I don’t reuse my passwords
  • I never use my real name on the internet
  • (none of those)

0 voters

Let me know if you have some ideas for more options, though this poll isn’t trying to be exhaustive so I can’t say I’ll add many more.

(Sorry for the last entry. This stupid thing doesn’t allow 0 choices.)

EDIT: I never used polls before so I didn’t know you can’t change them after 5 minutes. Sorry guys, no VPN for you.


#2

Tor is not secure, not sure what else to say here.


#3

You could have VPN too


#4

Yeah yeah. Another purist. I’m sure you don’t use a lock on your front door either because they can be picked, after all.

It’s true Tor is not 100% secure, but nothing is. However, using Tor is a lot more secure than not using it, and vulnerabilities are getting looked for, found, fixed. Guard nodes, for example, make certain attacks much harder, if not impossible, and they are the default setting now.

Let’s also not forget that the Silk Road wasn’t brought down by exploiting a weakness in Tor but by exploiting a weakness in the web server it used which, under certain circumstances, leaked the real IP address of the server. Had they used something like Qubes with its Tor gateway, it would’ve been much harder to crack.

I almost added it but VPN providers are obvious targets to governments and often they can’t even say if there was a request for data from them. Also there’s the possibility that some are straight out covert government operations.


#5

But your arguments for including Tor apply here too surely. No doubt some VPN operators are not what they seem but on balance you are likely to be more secure and anonymous than without using one.


#6

I disagree. Tor, all by itself, is not owned by a single entity. It takes exploiting weaknesses in it to get any information about its users. Attacking a VPN, on the other hand, is about having enough power to force out an answer from a known person, and we already know governments have enough power to do that. Those are two separate worlds.

If you just don’t want to get sued by the RIAA then sure, going through a VPN in another country is a solution, but I’m directing this poll more toward general privacy than toward getting away with pirating Metallica.

Anyway, I added was trying to add VPN because it seems like a popular request, but the stupid thing doesn’t let me.


#7

Of course i use a lock on my door. It was there when u bought the house…

If your using tor, and big players want to catch you, you will be caught.


#8

Again, the Silk Road was something they really wanted to get (how many of us are important enough for that to start with?) and yet they could only do it through something outside the Tor network.


#9

I used to have different passwords for every account back in the day when no-one really worried. Over the years, I’ve grown much more nonchalant. I only use different passwords for services and accounts I consider crucial, because I use so many, it would painful and almost impossible to memorize them all.

Similar with my name. I kept refusing to reveal my name to the network for nearly decades since my early teen age. Suddenly, I stopped giving a damn because I stopped taking myself so seriously. I actually believe that acting all clandestine and overly cautious is precisely what attracts the attention I wanna avoid. I now tell everything to everyone :grimacing:


#10

I only remember one - the login to my password manager which I store in the cloud and on all my devices. It’s also protected by 2FA. Plus I have my non-crucial ones stored in my browser, also password-protected. Unlike you I have become increasingly wary over the years :worried:


#11

That’s why I’ve given up. It was the day I realized I needed another password to keep my passwords secure. I thought “alright dude. Now imagine the Akashic records exist. What are you gonna do about it?”

Anyway, I would never discourage anyone from keeping their data and passwords as secure as possible. I just decided for my own “coming out”. And once the Safe Network becomes a thing, I’m leaving the original web for good, goodbye everybody.


#12

Oh btw, when it comes to seeds for crypto recovery, I only keep them in my head. At the moment, it’s 39 words. I sometimes wake up in the middle of the night and repeat them just to make sure they’re still there. If I hit myself in the head or just go sclerotic, too bad.


#13

So your real name’s Fruico? What were your parents thinking? :wink:


#14

Im by no means a tor expert.
Afaik the nsa et al monitor connections by owning many nodes, and use packet inspection to follow the packets.

And no im not important to those groups, if i was, i certainly wouldnt use tor.