/ps/ - Privacy and Security

NSFW Content

>>HYHPKA96 (OP) I see

NSFW Content

>>HYHPKA96 (OP) >Is Tor anonymous? >[idiot] was caught using Tor, it is unsafe! >Tor is funded by the feds. Funding must mean it's backdoored. >Tor is not a perfect solution, so don't bother protecting yourself. Tor works by using onion routing to proxy your traffic through three (or more) volunteer nodes, with one layer of encryption for each node used in a connection. Every connection uses a set of nodes (circuit) randomly chosen by the user. Tor does not: - mandate or incentivize users to act as relays - employ dummy traffic - introduce intentional latency - mix packets together to be sent out in unpredictable orders - pad the size of packets, except for aspects of hidden services - use unidrectional tunnels, or change tunnels ("circuits") unless the user wishes it Also note that Tor: - has a centralized list of routers - does not have a very diverse set of relays (many are hosted in Europe, especially Germany) Clearly, the intention of Tor, in implementing LLARP (Low Latency Anonymous Routing Protocol), is to be blazing fast while preserving user privacy, and anonymity against most adversaries. It excels at this. How can you be deanonymized when using Tor as a normal user (non-relay)? There are various methods to do so, but the most prominent are the following: - Timing attacks / traffic shape correlation attacks - Attacks on traffic exiting the network (MITM techniques) - Protocol data leakage (browser metadata, p2p such as bittorrent, etc) - OPSEC failure (humans interacting with other humans, DON'T) Operations security is easy if you have a basic level of intelligence, and you should avoid usage of anything but the Tor Browser Bundle unless you actually know what you are doing, so as to not leak metadata.

NSFW Content

>>ZRFH0M8G The most powerful method at the disposal of the feds is the Timing Attack. Global adversaries such as the NSA and its allied spying agencies log every single byte that goes through the internet backbone, through almost every ISP, in the West, and stores it for years. This means that they can observe when traffic entered the network, when similarly-sized traffic exited the network, and thus infer what entities are communicating with each other, and can deanonymize you. It may take several time intervals to deanonymize you with this technique, depending on the circumstances. Minutes, or perhaps fractions of a minute, at best. A few factors can work in your favor: - High traffic to a website. If there are many connections going to, say, DuckDuckGo.com, and you do your browsing as quickly as possible, it is likely impossible to determine that you did this, because there are so many other users using it as well. - High latency. Specifically, if more nodes are used in your circuit, it must take longer to deanonymize you, mathematically speaking. - Use of hidden services. Tor employs a number of additional protections to hidden services, and needs to know the address of a service to even attempt to deanonymize it through DoS attacks. When using one, your traffic will go through at least six relays, and your traffic does not exit the Tor network, either. This makes deanonymization of the users of hidden services extremely difficult and unlikely, especially if they switch circuits often and have good practices. The server hosts are more at risk here, their true IPs are usually found within months if they are high profile enough.

NSFW Content

>>PK8179LG Conclusion: While Tor can provide Anonymity some of the time, it is not sufficient to protect user metadata from the multi-billion dollar might of world intelligence agencies. All the same, why not use it? You protect your privacy, drastically reducing the power of governments and corporations to influence human behavior, and can be anonymous if you put in some effort, especially if sticking to communication within the network. There is no reason not to use Tor- perfection is the enemy of the good. If you want something better that solves almost all of the problems listed above, try I2P instead. Or better yet, in the future consider the Nym network, which includes global adversaries in its thread model, while still experimental, has received millions in funding recently, and will be a great alternative to Tor.

TOR Browser won't let you add custom search engines. Fucking stupid.

>>4T8ZF0WC any imageboards on i2p?

>>QA25GGGB http://kelvinchan.i2p/?i2paddresshelper=u-e5QkrfHAM5Lotfu0sQ5SytnE2XDJKZr4YC5r9g7w5g2PWVUJeY2DQIG0BiSCz6YvpRg2EWocEVya7yBq1oA-T57tojspmbgru3VZ2xJmmcOS-2Qox1~zhZGO9VhtjotrVJsXQJmN2-GdVFzdhQOBEB42H-N4YILCtqlFM4~G3Klg8v76rTCLbTmx6PCHFUvgtINPconhktuGRY4024KZuJxJ4CWMOwFdiIwCXrtW~Ro0iL03kPxRbdTaaHmHOD~kybknlSqx6lKYuHMkd6eVS3Y0vmy1SpXvdYiKu0K6Cd68S6R5nfeLWexoFaXxzHola1ObDg-ypTa6epJOyEyKqheFg9Ss1hIECbjHVXtmmKwHAxKo9yNN-vhUxrUYZbtVH79Mf8fgGeFfvmrPee2C1-L6WTGQuB2Hn5T5jJISPuWyUzFVhA1KKGsitWkydFKgApG8b56ORaWp1~FIPLKa2QuGNN1Va3JQCs3lxW1iJDr0x6eQahrcPXKL2OkaaxBQAEAAcAAA== http://6s72dyf6jwlvk2u455lksvcs5r7deafc3iniwo5kp4ssm777noma.b32.i2p/ http://bitchan.i2p/?i2paddresshelper=ZBVkjJCfrRhaFxt9x4MwtkTlJdxTFCOYMc8aA37G1KiBFGMOQXdHQBVy-HSVwtv~-lPbrUVFiYMBDBF4SLnWjpp1b1YFZCyovMDcxY9oQDePDoTlQB1lgOgoitaAUvBkYrneTE9cChjFBOgw2id4al9aZV-NrU~whdEGfAQyPCVK-LakyT0KQvlJ84NN3aDkLog104uQj1EZVyhEIxSVXlmW9ADwxi8TqGXj~YK5HZYYCpyRi3yQ7UpL6jPyYJjnYnsIN1NPvND05kCxXkzi0QRQIO271w3z7ApYFd8IEvRMb-CnbOCh-TPG2UAc~n6r2vzFwEXy1ptsIblIRSGDjbJ1YwXfoCPPnu6~EvyTGz8Of0GSeGhCZQU3NuSA4I2vThqsov6vw8p7ObnDOGG6SnZfcCihbUllWKFPaqjLzeU3PVpUnFyrupphDPQ7bdp6Y2~S8GjsfXaxWlcK8PJYidEsFKht1VZFKHa46cYdRmuJOmfmlfb3BqURG9Jr5ySgBQAEAAcAAA== http://waycuw2c27ruakfblkf5tcegwmt3ot445dlfoypil6bzmm4yxg7a.b32.i2p/ http://kohlchan.i2p/?i2paddresshelper=o99lBP~hkpIZKP8k7PFA9HRlBI~U1wtuVuJ2tKuGrUA4iV6cmj-9J0wReNB8qq3IAKUHkd1HPSnoc~NKyGwCft7s3LXlorfIQfQhlG1Mhj1mojrZ6jkPsBO9xm4ukIKtY1CE2uB8ms6wzuyJ1TjV4m68kPqZvXpS58T4lW1d7NUmk-kbQzOanHHX3TC5~S34lc7~KnrXYk51yZgTlYZzDm4Pv--E801E-YtuB2Yt8xoneW8n~N81ppg-YQq~QrHFdeCr1kbM4XMB0jCODdkP2FznqImxEQUcheba1jck4QDij46x6mvP8aNjJt9FBIhya7H9BckIe~KBvgGHomHOfbvDw0wekqqLFylwF36G1pTBoOxr17ct~H2k3AOe4rIf06YOUfDTD-oEitqT6LEqhxJqQPWXd1nNjfXb7iUXwPcU6~eUmNqP8WC8vBEDicmzlyiouBGzve8iTRncULth0ADO3T2I~29GEgwEcsR4ASidRcar0kOyfOvTYJt7CrBjBQAEAAcAAA== http://kohlchanvn6vtsujobyw4pt5naaszmxqutd5hsdatmxfe2qaqhya.b32.i2p/

>>QA25GGGB You can access bitchan by both i2p and tor.

>>4T8ZF0WC >Nym Thanks for the shilling anon. How can I get paid by shilling like you?