mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2026-06-07 19:09:18 +00:00
refactor: Move wiki articles to individual folders
This commit is contained in:
@@ -4,14 +4,14 @@ weight: 40
|
||||
description: An overview of several network architectures commonly used by instant messaging applications.
|
||||
---
|
||||
|
||||
There are several network architectures commonly used to relay messages between people. These networks can provide different privacy guarantees, which is why it's worth considering your [threat model](../../basics/threat-modeling.md) when deciding which app to use.
|
||||
There are several network architectures commonly used to relay messages between people. These networks can provide different privacy guarantees, which is why it's worth considering your [threat model](../../basics/threat-modeling/_index.md) when deciding which app to use.
|
||||
|
||||
- [Recommended Instant Messengers](../../../tools/services/messengers/_index.md)
|
||||
- [Video: It's time to stop using SMS](https://www.privacyguides.org/videos/2025/01/24/its-time-to-stop-using-sms-heres-why)
|
||||
|
||||
## Centralized Networks
|
||||
|
||||
|
||||
|
||||
|
||||
Centralized messengers are those where all participants are on the same server or network of servers controlled by the same organization.
|
||||
|
||||
@@ -34,7 +34,7 @@ Some self-hosted messengers allow you to set up your own server. Self-hosting ca
|
||||
|
||||
## Federated Networks
|
||||
|
||||
|
||||
|
||||
|
||||
Federated messengers use multiple, independent, decentralized servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.
|
||||
|
||||
@@ -57,7 +57,7 @@ When self-hosted, members of a federated server can discover and communicate wit
|
||||
|
||||
## Peer-to-Peer Networks
|
||||
|
||||
|
||||
|
||||
|
||||
P2P messengers connect to a [distributed network](https://en.wikipedia.org/wiki/Distributed_networking) of nodes to relay a message to the recipient without a third-party server.
|
||||
|
||||
@@ -82,7 +82,7 @@ P2P networks do not use servers, as peers communicate directly between each othe
|
||||
|
||||
## Anonymous Routing
|
||||
|
||||
|
||||
|
||||
|
||||
A messenger using [anonymous routing](https://doi.org/10.1007/978-1-4419-5906-5_628) hides either the identity of the sender, the receiver, or evidence that they have been communicating. Ideally, a messenger should hide all three.
|
||||
|
||||
|
||||
+1
-1
@@ -131,7 +131,7 @@ We can see the [connection establishment](https://en.wikipedia.org/wiki/Transmis
|
||||
|
||||
## Why **shouldn't** I use encrypted DNS?
|
||||
|
||||
In locations where there is internet filtering (or censorship), visiting forbidden resources may have its own consequences which you should consider in your [threat model](../basics/threat-modeling.md). We do **not** suggest the use of encrypted DNS for this purpose. Use [Tor](tor-overview/_index.md) or a [VPN](../../tools/services/vpn/_index.md) instead. If you're using a VPN, you should use your VPN's DNS servers. When using a VPN, you are already trusting them with all your network activity.
|
||||
In locations where there is internet filtering (or censorship), visiting forbidden resources may have its own consequences which you should consider in your [threat model](../../basics/threat-modeling/_index.md). We do **not** suggest the use of encrypted DNS for this purpose. Use [Tor](../tor-overview/_index.md) or a [VPN](../../tools/services/vpn/_index.md) instead. If you're using a VPN, you should use your VPN's DNS servers. When using a VPN, you are already trusting them with all your network activity.
|
||||
|
||||
When we do a DNS lookup, it's generally because we want to access a resource. Below, we will discuss some of the methods that may disclose your browsing activities even when using encrypted DNS:
|
||||
|
||||
@@ -87,7 +87,7 @@ If you go this route, make sure to purchase Monero at different times and in dif
|
||||
|
||||
When you're making a payment in person with cash, make sure to keep your in-person privacy in mind. Security cameras are ubiquitous. Consider wearing non-distinct clothing and a face mask (such as a surgical mask or N95). Don’t sign up for rewards programs or provide any other information about yourself.
|
||||
|
||||
When purchasing online, ideally you should do so over [Tor](tor-overview/_index.md). However, many merchants don’t allow purchases with Tor. You can consider using a [recommended VPN](../../tools/services/vpn/_index.md) (paid for with cash, gift card, or Monero), or making the purchase from a coffee shop or library with free Wi-Fi. If you are ordering a physical item that needs to be delivered, you will need to provide a delivery address. You should consider using a PO box, private mailbox, or work address.
|
||||
When purchasing online, ideally you should do so over [Tor](../tor-overview/_index.md). However, many merchants don’t allow purchases with Tor. You can consider using a [recommended VPN](../../tools/services/vpn/_index.md) (paid for with cash, gift card, or Monero), or making the purchase from a coffee shop or library with free Wi-Fi. If you are ordering a physical item that needs to be delivered, you will need to provide a delivery address. You should consider using a PO box, private mailbox, or work address.
|
||||
|
||||
<!-- TODO: Admonition -->
|
||||
<div class="admonition tip" markdown>
|
||||
@@ -4,7 +4,7 @@ weight: 20
|
||||
description: Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible.
|
||||
---
|
||||
|
||||
|
||||
|
||||
|
||||
[**Tor**](../../tools/advanced/alternative-networks/_index.md#tor) is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
|
||||
|
||||
@@ -31,7 +31,7 @@ If you have the ability to access a trusted VPN provider and **any** of the foll
|
||||
- Your threat model includes your ISP itself as an adversary
|
||||
- Your threat model includes local network administrators before your ISP as an adversary
|
||||
|
||||
Because we already [generally recommend](../../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. <mark>There is no need to disable your VPN before connecting to Tor</mark>, as some online resources would lead you to believe.
|
||||
Because we already [generally recommend](../../basics/vpn-overview/_index.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. <mark>There is no need to disable your VPN before connecting to Tor</mark>, as some online resources would lead you to believe.
|
||||
|
||||
Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
|
||||
|
||||
@@ -109,8 +109,8 @@ Those at risk of browser vulnerabilities should consider additional protections
|
||||
Every time you [connect to Tor](../../tools/software/tor/_index.md), it will choose three nodes to build a path to the internet—this path is called a "circuit."
|
||||
|
||||
<figure markdown>
|
||||
|
||||
|
||||
|
||||
|
||||
<figcaption>Tor circuit pathway</figcaption>
|
||||
</figure>
|
||||
|
||||
@@ -145,8 +145,8 @@ The exit node will be chosen at random from all available Tor nodes ran with an
|
||||
Connecting to an Onion Service in Tor works very similarly to connecting to a clearnet service, but your traffic is routed through a total of **six** nodes before reaching the destination server. Just like before, however, only three of these nodes are contributing to *your* anonymity, the other three nodes protect *the Onion Service's* anonymity, hiding the website's true IP and location in the same manner that Tor Browser is hiding yours.
|
||||
|
||||
<figure style="width:100%" markdown>
|
||||
|
||||
|
||||
|
||||
|
||||
<figcaption>Tor circuit pathway with Onion Services. Nodes in the <span class="pg-blue">blue</span> fence belong to your browser, while nodes in the <span class="pg-red">red</span> fence belong to the server, so their identity is hidden from you.</figcaption>
|
||||
</figure>
|
||||
|
||||
@@ -165,8 +165,8 @@ Once Tor has built a circuit, data transmission is done as follows:
|
||||
Below is an alternative diagram showing the process. Each node removes its own layer of encryption, and when the destination server returns data, the same process happens entirely in reverse. For example, the exit node does not know who you are, but it does know which node it came from, and so it adds its own layer of encryption and sends it back.
|
||||
|
||||
<figure markdown>
|
||||
|
||||
|
||||
|
||||
|
||||
<figcaption>Sending and receiving data through the Tor Network</figcaption>
|
||||
</figure>
|
||||
|
||||
|
||||
Reference in New Issue
Block a user