Is Tor Browser really safe?, are you really anon while using it?
It's safe if you use it right. Only downside is you can't shitpost on 4chan since they ban TOR exit nodes.
>don't run scripts
>no plugins
>don't post information that can be traced to you
>>52023519
thanks anon
>>52023555
does NSA really give a shit about people who dont live in the USA? cause I dont.
>>52023589
well, american police cared enough to help canada track down the british shitposter who posted that fake shooting at Laurier a couple months ago, so I suppose they'd care.
>>52023589
>does NSA really give a shit about people who don't live in the USA?
That's primarily what the NSA does.
>>52024527
Yep. Part of the reason everyone got so pissed off at them collecting literally ALL phone call metadata (and much more) in the US is that they're supposed to be focused on foreign actors.
Watch the DefCon video on how For users got caught
>>52023463
Depending on what it is you're trying to do, you might want to look at one of the alternatives to Tor. I highly recommend i2p
>>52023589
Are you retarded? The charter of the NSA says that their primary mission is foreign SIGINT
>>52024738
Why and how is that allowed? Why isn't everyone responsible in jail?
>>52023463
>really anon while using it?
From corporations maybe. But everybody who uses tor for anything really illegal seems to get arrested ....
http://www.gwern.net/Black-market%20arrests
>>52023463
I think tor itself is safe but most hidden services have been compromised.
So depends what you want to do with it.
Don't use your home network nor personal information and you'll be fine.
>>52025034
I recall Silkroad guy got caught for something really stupid like his username being used in some forum.
>>52025034
Most people are arrested because of mistakes they made, not tor it's self.
There are some venerabilities to tor, but read up on the latest news and practice good opsec.
>>52025074
I read a story about how researchers at a college found away to de-anonamize new hidden services.
It said they helped the FBI catch some people. Every time the gov finds a way to fuck with tor they find as many people as they can then bust them.
>>52025017
Because muh terrorists.
9-11 ended up having a positive impact on neocons politics, I bet some defense contractors even thank Allah every morning for radical islamists.
>>52025961
>neo cons thank Allah
No, they thank Bush for invading Iraq and creating ISIS.
>>52026461
Dont forget Obama armed them and oversaw their rise.
http://www.washingtonsblog.com/2015/05/newly-declassified-u-s-government-documents-the-west-supported-the-creation-of-isis.html
The CIA has a nasty habit of arming people that we end up fighting a few years later: Iraq, AQ, and now "moderate rebels" that turned out to be ISIS. Honestly, the CIA is either an evil genius or a bumbling buffoon in its ability to stimulate military conflicts.
>>52023519
>>don't post information that can be traced to you
Sometimes you have to. What's the downside? Unless it's illegal shit, you're fine. But you have to hit the "new identity" button before and after you post. Hell, you should hit that button before opening any new websites.
>>52023519
>don't run scripts
Do you (or anyone) have much information about the effects of allowing scripts for individual websites? as I understand it, js is mostly bad because it lets third parties trace your session across many websites. Obviously I wouldn't enable them globally. If I open one website and enable scripts for that website, am I compromising much? I seriously doubt that my actual IP can be discovered using only js, unless there are gaping security holes in my browser.
>no plugins
The same question goes for some plugins. Is it safe to allow Flash Player under any circumstances? Quickly skimming the documentation, it seems ActionScript 3 allows for manual socket-level connections using the flash.net Socket API, which would ignore browser-specific proxy settings and thus reveal true IPs. However, this capability can be disabled locally using the mms.conf configuration file. I believe the only other requests Flash Player can generate are from URLRequest, which I believe would be handled by the browser.
Does anyone have knowledge about this?
>>52029199
There was a venerability a few years back using JS to unmask some Tor users. The fed put malicious scripts on a hidden hosting service they seized. I think it on;y affected people using an old version of the tor browser on windows though.
You should just download it if you can. I wouldn't trust flash to not be backdoored. Also becareful downloading stuff, docs and pdfs can have web elements used to call home.
>>52023519
>>52023463
or you know, just read the fucking manual.
>>52029199
Allowing JS is pretty much okay if the following 2 circumstances are met:
>you didn't resize the Tor Browser's window
It's either 1000x900 or 1000x600 on smaller screens. Window size tracking is a real thing I'd you use a unique window size (which is determined by toolbars and task bar size and display size etc.) If you don't resize the default window size, you won't stand out from all the other Tor users.
>you disabled custom fonts in the settings
Font tracking is even worse than window size tracking. With JS they can list all the fonts your OS has installed, which is probably the most unique thing in an OS.
If you do these 2 things, you're pretty much safe using JS.
The problem with flash is that it has its own cookies, which are shared between tor browser and regular Firefox.
>>52030017
>I'd
=
>if
Retard autocorrect.
