💬 Discussion | should VPN-section recommend Tor-use, versus VPN-use? #914

Closed
opened 2019-05-08 12:55:57 +00:00 by five-c-d · 24 comments
five-c-d commented 2019-05-08 12:55:57 +00:00 (Migrated from github.com)

Side-discussion, motivating me to open this issue, found over here == https://github.com/privacytoolsIO/privacytools.io/issues/880#issuecomment-488965108

@blacklight447-ptio has these four recommendations, which I've edited for clarity, let me know if any corrections are needed please, and I will edit:

  1. we should shove the VPN listings all the way down, to the very bottom of the /classic and /summary pages, on privacyToolsIO, and
  2. at the top of the VPN-section, we should insert a big
  3. new sub-section, explaining how Tor works, how Tor helps the reader, and
  4. why readers should generally prefer Tor-usage, rather than VPN-usage.

I agree with suggestion#3, and partially agree with suggestion#4.

discussion of s4

I don't think we should flatly recommend normal everyday endusers MUST only utilize Tor and should NEVER utilize a VPN, because I think VPNs are about 10x more user-friendly than Tor, have about 10x the support-network on normal places like reddit and telephone helpdesks and whatnot, plus if an enduser that is not tech-savvy were to ask their decently-tech-savvy friend

  • "hey please help me with Tor not working right" versus
  • "hey please help me with my VPN not working right"

I suspect there is about 100x chance they will get better advice with getting their VPN working properly again, versus the advice they would get to 'help' them make TorNetwork (e.g. Orbot) function properly/anonymously/securely/etc.

I disagree with suggestion#1 pretty strongly. I don't disagree with suggestion#2, except for the bolded part: "we need a huge subsection promoting Tor **inside** the VPN section" keyword. We should just link from top of VPN-section, to the Tor s3 writeup.

discussion of s2

This would be, for want of a better word, off-topic clutter. Better to write a proper TorNetwork_vs_VPNs section (suggestion#3), and then link there from the VPNs section, which is about -- and supposed to be about -- VPNs. There should be a yellow-bar-warning of a sentence or two, at the top of the VPN listings, just like there is a yellow-bar warning at the top of the LineageOS+UbuntuPhone+GrapheneOS mobile OS listings about GoogleServices.

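Here is what privacyToolsIO says now, about gApps/playStore:

  • now: [yellow] ...installing Google Apps may compromise your setup [/yellow]
  • which is at the top of https://www.privacytools.io/operating-systems/#mobile_os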

Here is what privacyToolsIO says now about anonymity-via-VPNs:

  • now: [yellow] Note: Using a VPN provider will not make you anonymous. But it will give you a better privacy. A VPN is not a tool for illegal activities. Don't rely on a 'no log' policy. [/yellow]
  • which is at the bottom of the long VPNs-table, https://www.privacytools.io/providers/vpn/

  • My modified version, suggestion#2b: [yellow] Using a VPN provider can give you better privacy, but will not make you anonymous. You may prefer TorNetwork. [/yellow]
  • which should be newly-inserted at the top of /providers/vpn/
  • and would link to the (also new) Big Explanation section, aka suggestion#3 above
  • revised text of the existing thing: [yellow] Note: Don't rely on any 'no logging' policy. VPNs are not tools for facilitating illegal activities. [/yellow]
  • which would remain right where it is, now, at the bottom of the VPNs-table

@blacklight447-ptio also made a lot of other suggested changes to what the listings currently say, such as

  5. that the TorBrowser listing should explicitly warn the enduser about combining VPN+TorBrowser,
  6. that the TorBrowser listing should explicitly recommend ~~meekAzure~~someKindOfBridges+TorBrowser as the recommended alternative, and
  7. ~~that (in line with their suggestion#1 up above "any attempts to encourage user to use a vpn should be shutdown as fast as possible")~~ (edit 16th May: this was apparently a misunderstanding... blacklight actually meant 'simultaneous usage of vpn with Tor' is unwise and ought not be recommended, not that the VPNs section should be scrapped! whew... so basically, s7 can be taken out of consideration, s5 is still in.)

I disagree with s7, but agree with s5... I think s6 is incorrect placement, and should instead be included within the s3 explanation-guide, so that instead of talking about meek bridges in the TorBrowser blurb where there is not enough space to do the complex topic of bridges-when-Tor-is-blocked-or-censored justice, we can just hyperlink to the relevant portion of s3.

blacklight447 commented 2019-05-08 13:44:28 +00:00 (Migrated from github.com)

Btw, we don't want to start off encouraging meek azure bridges, these are run by the tor project themselves and cost them quite some money, people should only use them if other bridges fail.

five-c-d commented 2019-05-08 13:55:01 +00:00 (Migrated from github.com)

You are the one writing up the s3 guidebook, not me :-) I'm just trying to keep the thread about "should we have a section for everyday endusers" separated from this discussion about "how/whether should we recommend the use of VPNs versus how/whether we should add caveats/links/subsections/giganticBlinkTagWarnings about Tor" ;-)

You have very strongly-held stances, some of which I think are counterproductive for endusers that are Beginners In Privacy-Land: they use chrome with zero addons, they use win10 with zero tweaks, they use bare IP addresses for everything, they use facebookMessenger for chatting, and so on. We want those people to start using Firefox plus two or three easy-to-use addons, something besides win10 ideally, protonVPN if they won't pay or Mullvad if they will pay money, signalapp for cryptocalls/texts/files, and so on.

That's a huge boost in privacy. You seem to believe that it is not sufficient. You want people to immediately start using TorBrowser (and learn about bridges when it is blocked), immediately start using Orbot/similar to route all their other traffic via Tor as well, skip right past the VPN stuff (only for "advanced users"), and probably TailsOS as their only operating system. I can only gently suggest, that if a person is using chrome+win10+bareIP, they are just going to freak out if you try to force them to use torBrowser+tails+orbot because "the internet is always broken now". They will go back to using tools which are not private, but which JustWork. There is a spectrum of how much hassle people are willing to undergo to get privacy, and for some of them, anonymity is not a big part of the threat-model.

> I am writing a text on how tor works and how it relates to vpns

Do you have a draft of your paper, online somewhere?

atomGit commented 2019-05-14 22:03:14 +00:00 (Migrated from github.com)

i might be the idiot in the room, but according to my understanding, TOR was developed by the U.S. Naval Research Laboratory and continues to be funded by gov/mil

then there's the exit nodes problem in that apparently a lot of them are suspect/known to be malicious/run by gov/intel

then there's the logical problem, why would the gubment give this tech to the public if it were foolproof?

some of the following may be duplicates, i just pulled them up quick

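‘NSA-proof’ Tor actually funded by US govt agency, works with BBG, FBI & DOJ – FOIA docs — RT USA News (https://www.rt.com/usa/420219-tor-us-government-funded-bbg/)

Pando: Almost Everyone Involved in Developing Tor was (or is) Funded by the US Government (https://pando.com/2014/07/16/tor-spooks/)

Tor Project "Almost 100% Funded By The US Government": FOIA | Zero Hedge (https://www.zerohedge.com/news/2018-03-02/tor-project-almost-100-funded-us-government-report)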

blacklight447 commented 2019-05-14 22:31:58 +00:00 (Migrated from github.com)

@atomGit it just happens to be so that I wrote a blog post on this FUD spread by the so called "journalist" yasha levine: https://write.privacytools.io/my-thoughts-on-security/slicing-onions-part-1-myth-busting-tor

levine is someone who should not be trusted as he gives dangerous advice, like scaring people away from using services like Signal.

I'll plug some of the article below here:

Although Tor is one of the best ways out there to protect your privacy and security these days, it sadly suffers from a bad reputation. This is the result of a number of myths which we’ll now attempt to debunk:

But Tor was created by the US government, it must have a backdoor!

Tor was not written by the government. Tor was written by Roger Dingledine, later on joined by Nick Mathewson, with the funding from the Naval Research Lab through Paul Syverson. The claim that it must therefore contain a backdoor does not hold up for the following reasons: First of all, the US government uses Tor to hide its own activities online; if it had a backdoor, it would not be safe for them to use. One could argue that they could make their own anonymity systems, but this wouldn’t be effective. If the government would build their own system, and only let themselves use it, then ALL traffic is known to be automatically CIA/NSA/FBI traffic, making it pointless to use in the first place. One must not forget that you cannot be anonymous alone, you need similarly anonymous peers to form a crowd for you to blend into. The more people you throw into the mix, the harder any individual is to find.

Tor will get me on a watch list!

The claim that using Tor gets you on a watch list in a western society makes no sense at all. Not because it won't ever happen, but because it would be useless in the case they did it. Analysis shows that the Tor network gets as many as 2 million users a day. That’s a huge list, big enough that targeted surveillance is no longer possible, and governments would have to rely on mass surveillance. Hey, mass surveillance, wasn’t that already happening somewhere? Oh yeah, it's called the internet! The only place where using Tor could be dangerous is in nations with an oppressive government, but in that case a VPN is just as likely to arouse suspicion and get you on “the list”. Also with Tor, one can try to avoid detection by using bridge relays, which are entry nodes that are not publicly listed. Finally, it is worth considering what use of Tor protects you from, and whether that is more important than what the theoretical list would expose you to. It’s a little like thinking that using HTTPS will get you on a list, so you will no longer use HTTPS to protect yourself.

But exit nodes can do spooky stuff with my traffic!

This one is partially true: although your traffic is encrypted while entering and traveling through the Tor network, the connection between the website and your exit node is not. If I were to log in to a webpage using HTTP, an exit node could intercept my password. And while this was a big issue in the past, the massive adoption of HTTPS, which went from 67% of all websites in 2017 to 77% in 2018, has made most manipulation done by the exit node impossible, as the exit node will only see an encrypted HTTPS packet that it has to forward, so even it does not know what the packet contains.

But the government can set up a lot of nodes to de-anonymize people!

While Tor is indeed not a silver bullet, setting up a lot of nodes is a very unlikely attack, that can either be fairly trivially detected, or become VERY expensive, depending on how it is done. First of all, to really de-anonymize someone this way, you need to at least have the entry node and exit node of a Tor user. Remember when I explained above that entry nodes are chosen once, and are kept for 2/3 months? This is exactly why: if the government wants to become your entry node it has N% chance to be picked by you out of 6000+ nodes. If I am lucky, and pick a non-government node, the government will have to keep all their nodes running (costing lots of money) for at least two months before they get another chance of becoming your entry. Also, it takes at least 8 days, and a maximum of 68 days before it gets up to full speed, to become a Guard node. As you see, this is slow, expensive, and generally a very unattractive way of finding a Tor user.

But Tor is only used by criminals on this thing called the dark web, we should not support it!

Firstly, while Tor can be used to reach websites anonymously on the “dark web”, the VAST majority of Tor traffic is used to reach normal websites. While some people are convinced Tor is enabling pedophiles and should be taken down, this is not a solution and will not help anything. If you take away Tor, all that would happen is that criminals will use another (illegal) medium to conduct their business, where an activist in Iran may be killed and tortured without the protection of Tor. Tor may be a two-edged sword, but the side of the benefits to society cuts a whole lot sharper than the criminal side.

I heard attack XYZ can break Tor!

As I said above, Tor is no silver bullet, there can be attacks out there that could be used to try and de-anonymize Tor users. But it is currently the best we have, and as Tor grows, with each user and each new node, attacks become harder and more expensive to execute. All we currently know is that in 2013, as part of the Snowden leaks, the NSA was not able to reliably trace Tor users.

But what about this drug market that got busted? It was hosted on Tor!

It is true that there are certain individuals that abuse Tor to hide illegal websites, and many have been caught doing it. However, in each and every public case of a takedown, Tor was not the cause. One has to understand that even if your connection is anonymous, other things might not be. Tor is not magic security dust, it will not make your server “unhackable”. Software bugs are still a thing, government infiltration is still a thing, and simple user error is still a thing.

But Tor is funded by the US government!

This one is partially true. While most current funding of the Tor project comes from the US government, people first have to realize that again, the government uses Tor themselves, so it makes sense for them to fund its development. Secondly, the US government is enormous, and it makes perfect sense that one part of the government is trying to improve it, while the other part wants to break it. Furthermore, it's worth mentioning that the Tor project is actively trying to diversify their funding sources, with success. In 2015 85% of Tor's funding came from the US government, it went down to 76% in 2016, and even 51% in 2017. It is also worth mentioning that all source code, all discussions and meetings, all research, everything the Tor project does is transparent and available for anyone online to crawl through and investigate; meaning that if the Tor project were to do something sketchy, people can see it.

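The guard-pinning argument in the quoted post, worked through as a small model. This is an added example, not part of the blog post or the thread; the adversary shares (1% of guard and 1% of exit selection probability), the 144 circuits per day and the 60-day guard lifetime are assumed inputs, and relay selection is reduced to a fixed probability rather than Tor's bandwidth-weighted choice.

```python
"""Why keeping one entry guard for months limits end-to-end correlation.

Simplified model (assumptions, not Tor's real path-selection code):
  f = chance that a freshly chosen guard belongs to the adversary
  e = chance that a freshly chosen exit belongs to the adversary
A client is "exposed" once any single circuit has BOTH an adversary guard
and an adversary exit. The exit is re-drawn for every circuit; the guard is
re-drawn only every `circuits_per_guard` circuits.
"""
import random


def period_exposure(f, e, circuits):
    """P(one guard period contains a circuit with adversary guard and exit)."""
    return f * (1.0 - (1.0 - e) ** circuits)


def exposure_probability(f, e, total_circuits, circuits_per_guard):
    """Closed form: P(client exposed at least once over total_circuits)."""
    full, rem = divmod(total_circuits, circuits_per_guard)
    p_clean = (1.0 - period_exposure(f, e, circuits_per_guard)) ** full
    if rem:  # last, shorter guard period
        p_clean *= 1.0 - period_exposure(f, e, rem)
    return 1.0 - p_clean


def simulate(f, e, total_circuits, circuits_per_guard, clients, seed=1):
    """Monte Carlo cross-check of exposure_probability()."""
    rng = random.Random(seed)
    exposed = 0
    for _ in range(clients):
        for start in range(0, total_circuits, circuits_per_guard):
            if rng.random() >= f:
                continue  # honest guard: nothing in this period is correlatable
            n = min(circuits_per_guard, total_circuits - start)
            if any(rng.random() < e for _ in range(n)):
                exposed += 1
                break
    return exposed / clients


def compare(f=0.01, e=0.01, days=360, circuits_per_day=144, guard_days=60):
    """Pinned guard versus a hypothetical client that re-draws its guard
    for every circuit. All default values are constructed for illustration."""
    total = days * circuits_per_day
    return {
        "pinned": exposure_probability(f, e, total, guard_days * circuits_per_day),
        "fresh_guard_each_circuit": exposure_probability(f, e, total, 1),
    }


if __name__ == "__main__":
    for name, p in compare().items():
        print(f"{name:26s} P(exposed within a year) = {p:.4f}")
```

With these inputs the pinned client's exposure over the year is about 0.059, against about 0.994 for a client that draws a fresh guard for every circuit.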
atomGit commented 2019-05-15 11:29:04 +00:00 (Migrated from github.com)

thanks much for the info @blacklight447-ptio - read all of your blog post and understand TOR a bit better - i have some comments ...

we know what the disclosed capabilities of government are, however we don't know what their undisclosed capabilities are

regarding the cost aspect of spying on TOR users, i would certainly posit that the expense means absolutely nothing to a government that is spending millions/hr. on war, as long as there is a reward - also we essentially know that the intel community, or at least parts of it, do not always operate in a way that is overseeable by anyone outside of the intel community, and even within that community operations are sometimes highly compartmentalized, and they do not necessarily rely on traceable or government approved funding which opens more revenue streams

then there's the question of computational power and the effectiveness of encryption - if it takes 1 PC 3000 years to break an encryption method, how long does it take with the equivalent of 300,000 PCs? what kind of computational power exists in the intel community? simply, we don't know, yet your post seems to assume that encryption is trustworthy (absent software bugs of course)

a story that i think might be worth telling is about a guy i sold a PC to - he said he had worked for the gov (direct or contractor, i don't know) and had, as i recall, a crypto clearance, though he never said for what compartment - we got chatting about some very interesting stuff and i suggested we continue later through encrypted email - "encryption is useless" was his reply - obviously it is not useless, but i think it depends on who you're trying to protect yourself from (Snowden would later essentially confirm this when he said that encryption 'buys us some time')

a very simple example of how some type(s) of encryption can apparently be 'broken' (read: bypassed entirely) according to a study is by how the CPU sounds (literally) while it's processing it, which of course assumes physical access, but another example is by one's unique writing style - assume you use TOR, or whatever, to drop a nastygram at cia.gov complaining about their long standing facilitation of drug trafficking - it is possible to identify the person based on their writing style alone making any encryption useless ... granted this is at the very fringe of what we're discussing, but still - there are a few other examples i could give also

so i believe it was the NSA that recently said it was going to shut down its mass domestic surveillance program? no way - they will either rebrand or move to a newer, better, even more secretive system and this leads me back to TOR and its effectiveness, or lack thereof, as well as the possibility that no encryption registered with NIST can be considered safe according to an article i read recently - is this why Assange apparently (i really don't know) wrote his own encryption algorithm for Wikileaks submissions?

in your post...

> Tor was not written by the government. Tor was written by Roger Dingledine, later on joined by Nick Mathewson, with the funding from the Naval research lab through Paul Syverson.

this is contradicted by Wikipedia, the credibility of which is non-existent depending on the subject, granted, but the point is, i don't know it isn't creditable....

> "onion routing", was developed in the mid-1990s **by United States Naval Research Laboratory employees**, mathematician Paul Syverson, and computer scientists Michael G. Reed and David Goldschlag, with the purpose of protecting U.S. intelligence communications online. Onion routing was further developed by DARPA in 1997.

whether it was developed with physical gov assistance or just funding doesn't matter to me - all that matters is they were and apparently still are involved and i can tell you, based on research, logic and history, that it is unlikely that the gov would be funding anything like this for public consumption if they couldn't compromise it - i realize the bigger the network, the more noise, but i'm not sure how valid that argument is regarding gov participation

consider the Apple/iPhone deal where FBI demanded Apple put a back door in their OS because they couldn't break the encryption - this is ludicrous! of course they could, and did, without Apple's help.

> First of all, the US government uses Tor to hide its own activities online

is that all they use? is TOR used for the most sensitive communications? we don't know, but i highly doubt it and we can't assume that the government is one, big happy family - different entities spy on each other and wouldn't it be great if one had an advantage over another

as far as the exit nodes, the TOR peeps have voiced what sounded to me like extremely serious concerns over time and given the resources and snake-like ethics of NSA, FBI, CIA, etc., etc., who really knows how much traffic travels through gov nodes?

again, i think it depends on who we are trying to protect ourselves from and if the 'who' is NSA or CIA, i suspect we lose no matter what and i think that to assume that TOR (or encryption in general) is relatively safe is a dangerous assumption given we do not know what the capabilities are of these entities

on the other hand, maybe much of this stuff is simply scaremongering by a government/shills that want us to think we can always be monitored, thus stifling free speech and dissent - who knows

my 2 cents - please don't take my coarse style as an attack - i'm just voicing concerns

blacklight447 commented 2019-05-15 11:44:41 +00:00 (Migrated from github.com)

@atomGit, I can give some more insights in this. Unlike what you might think, expense certainly IS an important thing in war, especially when it is known that spending that money in another area like hacking tools, which give a way better value. Also it doesn't matter if the government would run some nodes, as the nodes don't know who you are, and most traffic these days is encrypted anyway.

And even IF we make the HUGE assumption that the government runs a large amount of nodes, it's currently the best option we have. If you can make the assumption that the government defeated Tor, then using a VPN provider won't help you in the slightest, and thinking it would do so would be highly naive.

About the encryption, what the FBI did is basically buy a box from an Israeli company which, tl;dr, brute-forces the encryption password. The encryption itself was never broken; if one were to use a strong alphanumeric passphrase instead of a four digit pin, they would have never gotten in.

Also remember the USA government is huge, it makes perfect sense for them to have one department fund it to defend themselves with it and have another department try to break it.

On the topic of who made Tor. The Wikipedia article states that the onion routing concept was designed at the NRL, this is correct. However the second generation Tor router, which Roger was writing based on the existing implementation written by Matej, was not.

I should also state that the AES256 and 128 standard are completely, and utterly unbreakable via brute force. To put it in perspective: we currently do not even have enough minerals on earth to build the amount of computers needed to break them. If one were to use the top ten supercomputers to crack one AES key, it would take so long, that the sun would have been burned up and turned into a red giant and swallowed the earth by the time they are done, the fact that you even suggest bruteforcing AES lets me doubt how much you actually know how encryption at a fundamental level works.

Don't take this personally, but every single word in your comment above here is nothing more than baseless scaremongering.
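
The brute-force arithmetic argued over in the two comments above (1 PC versus 300,000 PCs, a four-digit PIN versus an alphanumeric passphrase, AES-128/256), as an added example that is not part of the original thread. The guess rate of 10^12 candidates per second per machine, the perfect linear scaling across machines and all function names are assumptions made for illustration.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# ASSUMPTION (not from the thread): every machine tests 10^12 candidates per
# second and the work splits perfectly across machines (attacker's best case).
ASSUMED_RATE = 1e12


def keyspace_bits(alphabet_size, length):
    """Size, in bits, of a uniformly random secret of `length` symbols."""
    return length * math.log2(alphabet_size)


def expected_years(bits, machines=1, rate=ASSUMED_RATE):
    """Average exhaustive-search time: half the keyspace, split over machines."""
    expected_guesses = 2.0 ** (bits - 1)
    return expected_guesses / (rate * machines) / SECONDS_PER_YEAR


def bits_for_years(years, rate=ASSUMED_RATE):
    """Inverse of expected_years() for one machine: keyspace that costs `years`."""
    return math.log2(years * SECONDS_PER_YEAR * rate) + 1


def bits_bought_by(machines):
    """N machines in parallel are equivalent to shortening the key by log2(N) bits."""
    return math.log2(machines)


def min_length(alphabet_size, target_years, machines, rate=ASSUMED_RATE):
    """Shortest random secret over the alphabet that resists for target_years."""
    length = 1
    while expected_years(keyspace_bits(alphabet_size, length), machines, rate) < target_years:
        length += 1
    return length


def scenarios(machines=300_000):
    """(name, bits, years on 1 machine, years on `machines`) for the thread's cases."""
    cases = [
        ("cipher that costs 1 PC 3000 years", bits_for_years(3000)),
        ("4-digit PIN", keyspace_bits(10, 4)),
        ("AES-128 key", 128.0),
        ("AES-256 key", 256.0),
    ]
    return [(name, bits, expected_years(bits), expected_years(bits, machines))
            for name, bits in cases]


if __name__ == "__main__":
    n = 300_000
    print(f"{n} machines buy {bits_bought_by(n):.2f} bits")
    for name, bits, one, many in scenarios(n):
        print(f"{name:36s} {bits:7.2f} bits  1 machine: {one:.3e} y  {n}: {many:.3e} y")
    # Length a random secret needs to hold for 1000 years against 300,000 machines
    print("alphanumeric (62 symbols):", min_length(62, 1000, n), "characters")
    print("digits only (10 symbols): ", min_length(10, 1000, n), "digits")
```

Parallel hardware divides the search time linearly, while each extra key bit doubles it, so the output compares the two effects directly for the cases named in the thread.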

Mikaela commented 2019-05-15 12:10:20 +00:00 (Migrated from github.com)

I tried to read this thread from the beginning and I added 😕 to comments that I viewed as too long to get what they were actually trying to say.

I would like to quote [the Torproject FAQ](https://2019.www.torproject.org/docs/faq.html.en#WhyCalledTor):

> Note: even though it originally came from an acronym, Tor is not spelled "TOR". Only the first letter is capitalized. In fact, we can usually spot people who haven't read any of our website (and have instead learned everything they know about Tor from news articles) by the fact that they spell it wrong.

And on party X attacking Tor by running the majority of nodes, that is known as a [Sybil attack](https://en.wikipedia.org/wiki/Sybil_attack) and [there are tools to detect and defend the Tor network against them](https://github.com/NullHypothesis/sybilhunter/blob/master/README.md). If you are still concerned, I think someone on Tor IRC channel or mailing lists could tell you more or you can perform more in-depth searching than I did.

atomGit commented 2019-05-16 12:05:14 +00:00 (Migrated from github.com)

@blacklight447-ptio said...

> every single word in your comment above here is nothing more than baseless scaremongering

i would posit that your words fall on the other side of the spectrum in that they downplay known and potential threats - the perception that something is secure doesn't make it so

and if playing the role of a devil's advocate and presenting evidence to back my statements is scaremongering in your eyes, then i stand guilty without reservation

> Unlike what you might think, expense certainly IS an important thing in war, especially when it is known that spending that money in another area like hacking tools, which give a way better value.

you got it backwards - gov spends trillions on war, so to say as you have that it's too expensive to operate a pile of Tor nodes is laughable - and again, i am not stating they do as fact, just that it could be advantageous if there is a perceived reward and if there are vulnerabilities in Tor, which you certainly cannot factually state there are not - indeed, it is likely there are serious vulnerabilities that haven't been discovered, or have been discovered but **haven't been disclosed** - i assume you're well aware of Stuxnet and the monumental effort and funds that must have been dumped into that little pet project to specifically target a few centrifuges in Iran

emphasis mine...

"This doesn’t mean you should view Tor as secure against the NSA. **It seems very obvious that the agency has identified Tor as a high-profile target**, and we know they have the resources to make much more headway against the network. The real surprise is that they haven’t tried harder. Maybe they’re trying now." -- Matthew Green, cryptographer and professor at Johns Hopkins University

> Also it doesn't matter if the government would run some nodes, as the nodes don't know who you are ...

this again assumes Tor is practically invulnerable - can you state as fact that it is and that parties such as governments and large private corps. who have essentially unlimited resources have not found any holes in the system?

"Our method revealed the actual sources of anonymous traffic with 100% accuracy for the in-lab tests, and achieved an overall accuracy of about 81.4% for the real-world experiments, with an average false positive rate of 6.4%." -- On the Effectiveness of Traffic Analysis Against Anonymity Networks Using Flow Records

"A security researcher intercepted thousands of private e-mail messages sent by foreign embassies and human rights groups around the world by turning portions of the Tor internet anonymity service into his own private listening post.

A little over a week ago, Swedish computer security consultant Dan Egerstad posted the user names and passwords for 100 e-mail accounts used by the victims, but didn't say how he obtained them. He revealed Friday that he intercepted the information by hosting five Tor exit nodes placed in different locations on the internet as a research project." -- wired.com

can you state as fact something like the above can never happen again?

> And even IF we make the HUGE assumption that the government runs a large amount of nodes, it's currently the best option we have.

**I AGREE!** or at least i do not disagree - look, the point i'm trying to make here is that WE DO NOT KNOW how secure Tor or any other software is because we don't know about vulnerabilities that haven't yet been discovered, much less those which obviously do exist but haven't been disclosed, or those which will undoubtedly be introduced in the future, or what capabilities private companies or intel possess - yes, Tor may well be the best option at this time, but i think you're downplaying the potential dangers by assuming Tor is akin to sliced bread and it isn't - the best we have <> the best

> If you can make the assumption that the government defeated Tor, then using a VPN provider won't help you in the slightest ...

i didn't make that assumption - i said it's a possibility - can you state as fact it isn't? and this has little to do with VPNs which is a whole other ballgame and which, obviously(!) cannot be trusted in general

> About the encryption, what the FBI did is basically buy a box from an Israeli company which, tl;dr, brute-forces the encryption password. The encryption itself was never broken; if one were to use a strong alphanumeric passphrase instead of a four digit pin, they would have never gotten in.

you can't throw 'IF's around as though the problem is an easy fix - people do not use strong passwords, nor do they use unique passwords, nor do they use password managers - it makes no difference whether the encryption was bypassed or whether it was broken - they got what they wanted - you can drop a 10k ton hardened steel cube in the middle of the road and state 'you can't pass here', but what's stopping anyone from going around it?

> Also remember the USA government is huge, it makes perfect sense for them to have one department fund it to defend themselves with it and have another department try to break it.

i agree, but you missed the point which is the fact that the intel community in many instances **attacks**, not tests, and has done so in many instances (those that we know of, that is) without oversight or disclosure

> On the topic of who made Tor. The Wikipedia article states that the onion routing concept was designed at the NRL, this is correct. However the second generation Tor router, which Roger was writing based on the existing implementation written by Matej, was not.

does the FBI infiltrate groups who hold political opinions which the government opposes? is Tor development free from any and all influence by the intel community? whether the answer is a probable yes or no i think depends largely on the perceived value of the target - expense, again, is an afterthought

> I should also state that the AES256 and 128 standard are completely, and utterly unbreakable via brute force.

"First, it's not said that AES is unbreakable, merely that none of the currently known attacks reduce the computational cost to a point where it's feasible." -- Carl Mitchell, BS in Computer Engineering at University of Hartford

"Although the research suggests AES might no longer be considered theoretically secure, the crucial question facing all of us now is how far it is from becoming practically insecure, concluded Alex Biryukov and Dmitry Khovratovich (University of Luxembourg, Luxembourg), Orr Dunkelman (of Paris, France), Nathan Keller (Einstein Institute of Mathematics, Hebrew University) and Adi Shamir (Computer Science department of the the Weizmann Institute at Rehovot, Israel)" (technewsworld.com/story/68538.html)

"More interesting is the context it gives around the NSA’s efforts to break block ciphers such as AES, including the NSA’s view of the difficulty of such cryptanalysis, and confirmation that NSA has some ‘in-house techniques’. [...] In fact, many of the systems actually seem aimed at protecting knowledge of NSA’s cryptanalytic capabilities from NSA’s own operational staff (and other Five Eyes partners). As an analyst, it’s quite possible you’ll never learn why a given intercept was successfully decrypted." -- Matthew Green, cryptographer and professor at Johns Hopkins University

lastly i would again point out the steel block in the road problem - it doesn't matter if AES is invulnerable to brute force - there's key security, implementation and other issues to worry about - you're talking about the technical aspect of the encryption itself - i'm talking about information security

blacklight447 commented 2019-05-16 12:21:41 +00:00 (Migrated from github.com)

Again, all you do is scare mongering, the point of this issue is that people should use Tor, as it is better for anonymity than a VPN, throwing around yes but government this and intentional multi trillion undisclosed bug that, is not helping anyone, rather, it is scaring away users from secure platforms because of this toxic user mentality.

If you have read my blog like you said you did, then you knew I've also written that yes, there are ways to attack Tor, yes if someone is targeted, they will get you in the end if you don't take extra measures. The point is that Tor makes it so hard to use mass surveillance that it becomes impossible. The whole point is that heavy targeted attacks are the only thing possible.

Going off and throwing doubt in inexperienced people's faces about AES being "breakable" or Tor being traceable won't help, but harm privacy and security. Not help it.

Another thing, what you are quoting on is attacks against the algorithm, not brute force. Brute forcing AES is not possible. And we know for a fact that the Israeli box brute forces the pin of the user, so a strong alphanumeric password would have stopped it.

It's the same type of nonsense that people push against Signal, that it is "worthless" for privacy because it uses a phone number.

Look I get what you are trying to do, you are trying to make sure Tor will not be posted as an end all be all solution, and add that attacks are possible. And I agree we shouldn't present it as such, but spreading FUD about trillion dollar spending attacks on Tor won't help. At that point we can say, why use security at all, the government MIGHT have a trillion dollar bug in it, so it's useless. Everything you have said so far, including your sources, is that Tor could be attacked (something we already know and nobody claimed otherwise), and then go further into vast conspiracies.

As about your exit node anxiety.
If, again, you actually read my blog, then you saw how today, the vast majority of the web is running over HTTPS, 77% in 2018, and still rapidly rising. If HTTPS is used, all that snooping exit nodes do is no longer possible. All they would be able to see is the IP and domain you're connecting to.

As I may quote my own blog post:

No, Tor is, like I mentioned above, not a silver bullet. While it is currently the best option we have, there are certain attacks that could be used against Tor (like traffic confirmation attacks) to try and de-anonymize its users. For this however, other technical measures can be taken to protect yourself further. What Tor is though, is a way to make mass surveillance so expensive, so hard, that governments will now have to scale down, and focus their resources on specific targets, essentially dumping mass surveillance. And that is the power of Tor.

atomGit commented 2019-05-16 13:10:34 +00:00 (Migrated from github.com)

you're twisting my words to suit your agenda to get Tor listed without recognizing that i am not arguing with your agenda - i never said people shouldn't use Tor

i largely agree that Tor is a far superior alternative to a VPN - no argument there - and your accusation that i'm "trying to make sure tor will not be posted" is bullshit - i'm disclosing issues as i see them because, as you admitted, Tor is indeed imperfect and what i'm trying to get across is that it may be far more imperfect than many would assume and that there is evidence to suggest this

rather than argue nuances though, i'll close with this; i have ZERO problem with Tor or IPFS or other networks/protocols/platforms being proposed, however i think people need to know the potential risks and not assume that this stuff is bulletproof - i think we both agree, no?

that said, i'm not sure how much i agree with your point 7 "that (in line with their suggestion#1 up above "any attempts to encourage user to use a vpn should be shutdown as fast as possible")"

can you make the general argument that not using a VPN is better than using one? can you make the argument that all VPNs are garbage? and if not, then i disagree that suggestions to use a VPN should be removed - perhaps there should be recommendations on which services should be considered, but wiping the option off the map does not seem like a good idea to me

furthermore, using Tor is not trivial and it's slow as molasses the last i played with it (which wasn't so long ago), so i think more options are needed, especially for the novice who may unfortunately decide to scrap security/privacy when the Tor browser bundle breaks every other website they use or purchase they attempt to make

there's no ideal answer, much less a one-size-fits-all answer and i think that's why multiple options are needed and a VPN is the easiest thing to setup and use for novices - hopefully this community can help guide them to choosing a good one

Tor is better than a VPN - i agree - but i do not agree the VPN option should be scrapped

blacklight447 commented 2019-05-16 13:57:04 +00:00 (Migrated from github.com)

" i never said people shouldn't use Tor"
I never said you did, what I DID say was that you're basically throwing in stuff that either was known for a long time, or else is basically nothing more than a conspiracy.

" and your accusation that i'm "trying to make sure tor will not be posted" is bullshit" again, i never said that.

"i'm disclosing issues as i see them because, as you admitted, Tor is indeed imperfect"
You say admitted like it's something I try to hide; if I did, I wouldn't have made an entire paragraph about it.

"rather than argue nuances though, i'll close with this; i have ZERO problem with Tor or IPFS or other networks/protocols/platforms being proposed, however i think people need to know the potential risks and not assume that this stuff is bulletproof - i think we both agree, no?"
Great, something we both agree upon.

"that said, i'm not sure how much i agree with your point 7 "that (in line with their suggestion#1 up above "any attempts to encourage user to use a vpn should be shutdown as fast as possible")"
this one I should probably clarify further, as I was typing on my phone at the time. What I meant here is that people should not use a VPN with Tor for anonymity purposes, as it gives a false sense of security. VPNs do have their use cases, but more often than not, Tor would be better.

"can you make the general argument that not using a VPN is better than using one? can you make the argument that all VPNs are garbage? " no, because I don't think all VPNs are garbage. That said, I DO think they're garbage for anonymity. They are however useful for privacy. If a user is sure he can trust his VPN provider, then having one is indeed better than none.

" VPN should be removed"
I don't think this should be done either, I think they should go lower on the priority.

"perhaps there should be recommendations on which services should be considered, but wiping the option off the map does not seem like a good idea to me"
good, a second thing we agree on.

"using Tor is not trivial and it's slow as molasses the last i played with it"
It could be that you were unlucky enough that your client picked a slow guard node, which is unfortunate, but general throughput is pretty good these days, as I am often able to stream 1080p videos over Tor. That said, it is indeed only my experience, and yours can vary.

"especially for the novice who may unfortunately decide to scrap security/privacy when the Tor browser bundle breaks every other website they use or purchase they attempt to make"
Tor browser in its default config actually allows almost all sites to function properly, only the higher settings show a big increase in breakage.

"there's no ideal answer, much less a one-size-fits-all answer and i think that's why multiple options are needed" there is not indeed, but I do think tor should be the default.

"a VPN is the easiest thing to setup and use for novices"
Because downloading Tor browser or Orbot for other apps is so hard.....?

"but i do not agree the VPN option should be scrapped"
Was never my intention.

Look, I think we are mostly misunderstanding each other here. I did not intend to come across as rude to you. So let's make our points clear, and make a small list of things I would like to see happening:

  1. have tor as the default recommendation, vpn as secondary.
  2. there should be a small explanation on how tor works, with a warning that, just like with every other anonymity system and vpn service, targeted attacks could be used to trace you.
atomGit commented 2019-05-16 14:48:15 +00:00 (Migrated from github.com)

for what it's worth, i agree with point 1 - regarding point 2, i think there should be a strong but brief warning (it's up to them to research), but i'm not going to make any suggestion as to how to word it

> Because downloading Tor browser or Orbot for other apps is so hard.....?

... for novices to use, yes - not necessarily hard, but inconvenient, slow, discovering nodes, waiting to connect to the network, etc... i think there's certainly some major niggles that could cause novices to turn away - i'm not a novice and i rarely use it myself because i find it slow and so i knowingly trade some anonymity for a less troublesome experience, but i take other precautions that novices would never tolerate

maybe i'm wrong, but i don't see Tor as overly noob friendly and, as such, i don't necessarily agree that it should be presented as the default - i think a (trustworthy-ish) VPN is the better candidate for some users and Tor for others - investigative journalist? Tor; political dissident/activist? Tor; whistle-blower? Tor; casual surfer/researcher/socialite looking to take that first step? VPN - and i would guess that a lot, if not the majority of PTIO visitors fall into the last category

five-c-d commented 2019-05-16 14:49:53 +00:00 (Migrated from github.com)

> people need to know the potential risks and not assume that this stuff is bulletproof

Yes, we all agree on this one. I agree with atomGit that TorNetwork should not be presented as the silver bullet to anonymity, because it just flat out is not a silver bullet. Sometimes it fails to work, unless the enduser knows about built-in bridges, and sometimes THOSE fail to work also so the user has to know about non-built-in bridges, and sometimes it just completely fails to work -- such as when you try to make a signalapp cryptocall via TorNetwork and learn that high jitter and lack of UDP makes that a wee bit broken. You also "cannot" use adblockers with Tor, various specialized browser-extensions with Tor, and so on... unless you are willing to risk de-anonymizing. Similarly, if you combine Tor with a VPN, you are very definitely at least partially de-anonymizing, and have to know what you are doing to avoid footgun. (Blacklight would say this is dangerous advice -- and that is correct, in the hands of somebody that doesn't know what they are doing, it is dangerous advice. Does that mean it must never be printed in privacyToolsIO listings? Dunno, because it depends on who the target-audience is, and that seems to be a big questionmark.)

TorBrowser should be presented as the first option in the web-browser area (as it is right now). Orbot-and-friends, should NOT be presented as the first option in the VPN area, however. The reason VPNs are listed at the top, is because they instantly improve privacy, and they are fairly easy for endusers to understand, and every enduser in the readership of privacyToolsIO wants to use the internet with added privacy :-) Some of them, but not all of them, will want to use the internet with added anonymity, and some of those will be willing to stomach the functionality-difficulties that purely utilizing TorNetwork demands -- see list above e.g. lack of cryptocalls and need to learn about bridging so as to workaround blockage/censorship/etc. I do think Tor should be prominently mentioned in the VPN section, and the Tor-section should be linked unto FROM that mention, right at the top in a yellow bar -- plus, in particular, that the risk of mixing VPN+Tor should be briefly highlighted there, with the link giving the full explanation of why mixing is risky unless you really know what you are doing (or maybe that last bit is elided).

> have tor as the default recommendation, vpn as secondary

Is that the same, as what I just said? And the wording/layout that I gave up in the top post, under the "suggestion#2b" portion? If not, what specifically do you propose to say? What should be the exact wording at the top of the VPN section? Where are you wanting Tor to be the 'default recommendation' ... at the top of the VPN section? In a new section that does not currently exist? In the "alternative networking" section?

Please be specific with "this is what it says now" and then "this is what it says now with blacklight's changes" kind of format, so that you are proposing something concrete rather than speaking in easily-misunderstood-generalities. What do you mean 'default / secondary / etc' in terms of what wording you want to see, and where you want to see it?

> there should be a small explanation on how tor works

Where? in the VPN section? What is the wording of the explanation-section? "Small" does not tell me much, give me the suggested sentence(s) please

> with a warning that, just like with every other anonymity system and vpn service, targeted attacks could be used to trace you

No, if we need a warning on the Tor-stuff, it should be specific and explicit. Is there a risk of de-anonymizing yourself, when using Tor? Yes there is: if you combine Tor-usage with VPN-usage, especially, with Tor+VPN, and to a different degree, with VPN+Tor. So we need to say something like "warning: VPN usage will not make you anonymous" and that is already in the VPN-section. I'd like to move that warning to the top of the section, rather than under the big table. But we need to have a warning alongside the place (which is still not yet determined exactly) where TorNetwork is recommended, which says something like

  • "Tor can make you more anonymous... but,
  • warning, combining with VPN can de-anonymize you,
  • warning, use of certain browser-plugins not recommended by TorBrowser project can de-anonymize you,
  • warning: logging into your facebook account with your facebook realname via Tor can de-anonymize you, and
  • warning: there have been some attacks in the past against illegal activities conducted via Tor so don't do anything illegal".

Not all of those belong in the VPN section but certainly a brief 'Tor helps anonymize you but there are ways you can inadvertently mess that up such as by combining Tor+VPN simultaneously, if you are using Tor click here for details'

>> do not agree the VPN option should be scrapped"
>
> Was never my intention.

Well, you did say that :-) But I'm glad it was just a phone-keyboard-mishap, rather than your actual proposal.

> i did not intend to come over as rude to you

You are accusing them of fear-mongering, and me of being a dangerous moron who hates the readership of privacyToolsIO. If you don't wanna be seen as rude, stop being rude :-) Just concentrate on specific proposal ideas rather than seeing whatever some other person says in the worst possible light, and then assuming, they must be evil otherwise they never would have said something that could be interpreted in the worst possible light.

> Look I think we are mostly misunderstanding each other here

Yes. It looks like we all mostly agree here.

But we are getting bogged down in the weeds of who said what to whom, and that is a distraction from getting the actual website fixed up. We want to mention somewhere -- where exactly? in what words exactly? -- that combining Tor+VPN simultaneously is typically unwise. We want to mention, somewhere in the VPN section -- where exactly? in what words exactly? -- that the reader cannot get more anonymity from their VPN and thus perhaps may wish to investigate Tor, and here is a handy hyperlink to do just that. What's at the end of the hyperlink? Where is the hyperlinked material positioned/kept, on the /classic portion of privacyToolsIO ?

>> "a VPN is the easiest thing to setup and use for novices"
>
> Because downloading Tor browser or Orbot for other apps is so hard.....?

No because cryptocalls don't work. Because a lot more webservers/websites block Tor than block VPNs. Because it is a lot easier to change to another VPN-provider-node, than it is to figure out all the ways that Tor bridging can be accomplished. Because, most importantly, if you go into a coffee-shop that provides wifi, or an internet cafe, and you say "hey can anybody help me with Tor problems" maybe one person in a hundred will know how to help you, whereas if you say "hey can anybody help me with VPN problems" maybe one person in ten will know how. Tenfold better chance of getting tech-support, from friends and coworkers and (if all else fails) random people on the internet or in starbucks, is nothing to dismiss here.

> i don't see Tor as overly noob friendly

For the average everyday enduser, they need signalapp because it is designed with them in mind, AND if they get stuck, there is plenty of help available. Tor is not really designed with them in mind, and they will get stuck, and when they get stuck, they need something to fall back upon: which is, VPNs. Yes, they lose anonymity, but as long as they know that, it is better for them to fall back on a VPN when Tor fails them, than to fall back on bare-IP-with-nothing. Similarly, when TorBrowser fails them, it is better for them to fall back on Firefox-with-plugins, or on BraveBrowser, rather than Chrome-with-nothing!

> i'm not going to make any suggestion as to how to word it

Ummm... what if I say please? ;-) We are not gonna get anywhere, unless we start concentrating on exactly how to word things, and exactly where that wording belongs.

blacklight447 commented 2019-05-16 16:14:40 +00:00 (Migrated from github.com)

I'm planning to write a little proposal on this, may take a while.
atomGit commented 2019-05-16 16:15:57 +00:00 (Migrated from github.com)

> Ummm... what if I say please?

k, i'll bite... proposed Tor warning as mentioned [here](https://github.com/privacytoolsIO/privacytools.io/issues/914#issuecomment-493078422) (bottom of post)

ref: https://www.privacytools.io/software/networks/ (Tor Browser)

current:

> The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Tor is an effective censorship circumvention tool.

proposed:
...
The onion router (Tor) is comprised of a network of computers designed to provide significantly enhanced privacy and security on the Internet by encrypting user traffic and passing it through several 'nodes' before it reaches its final destination. Tor is often used by ordinary people to thwart censorship and oppressive governments, as well as by investigative journalists, political activists, whistle-blowers and those who simply wish to remain anonymous. While the use of the network is encouraged, Tor can be inconvenient, problematic and potentially dangerous for novices, therefore it is imperative to read the documentation. As with any privacy-centric network or software, Tor may contain vulnerabilities and should not be considered bulletproof, however the general consensus seems to be that Tor is a vastly superior solution when compared with a Virtual Private Network (VPN).
...
blacklight447 commented 2019-05-16 16:31:10 +00:00 (Migrated from github.com)

@atomGit While I'm not a fan of the "dangerous" description, in a world of two extremes, the answer often lies somewhere in the middle. So I'll compromise, and say that this description would be fine with me.
atomGit commented 2019-05-16 16:39:01 +00:00 (Migrated from github.com)

yeah, but i did try to narrow it down when i said "potentially dangerous for novices" which seems to be true if misused - i.e. the browser bundle + the wrong add-ons, etc.

anyway, it's just a proposal, so feel free....

one thing missing maybe is a mention of how Tor insulates users from the destination - hides the IP - i couldn't figure out how to work that in without making it too long and maybe it's self explanatory???

hopefully someone can improve it

five-c-d commented 2019-05-16 16:39:36 +00:00 (Migrated from github.com)

65 words, current prose aka T1 == The Tor network is a group of ...[above]

135 words by atomGit aka T2 == The onion router (Tor) is comprised ...[above]

88 words by fivecd aka T3 == Tor is a network designed to provide significantly enhanced privacy. All data is encrypted, hopping anonymously through several volunteer-operated nodes before it reaches its final destination. Tor is often used by ordinary people to thwart censorship and oppressive governments, as well as by investigative journalists, political activists, whistle-blowers and those who simply wish to become more anonymous. <a href="blackkites_guide_to_safe_tor">Proper use</a> of Tor can be complicated. Tor is not bulletproof, but gives vastly more anonymity <a href="https://www.privacytools.io/providers/vpn">than VPNs</a>. Warning: under most circumstances, *simultaneously* combining Tor with VPNs, *hurts* anonymity.

> the browser bundle

This is in a different section, we are working on the Orbot-section right now (for general tor use not specific to browsing the web). https://www.privacytools.io/browsers/ says:

  • "Tor Browser is your choice if you need an extra layer of anonymity. Its a modified version of Firefox, it comes with pre-installed privacy add-ons, encryption and an advanced proxy. <a href="https://write.privacytools.io/my-thoughts-on-security/slicing-onions-part-1-myth-busting-tor">How does Tor work</a>?"

One thing at a time ;-) We do have the luxury though, of writing "one thing" in the self-contained-networks section, and then writing "something completely different" over in the browser-section... and then linking them to each other?
atomGit commented 2019-05-16 16:52:11 +00:00 (Migrated from github.com)

86 words...

Tor is a network designed explicitly to provide significantly enhanced privacy. All data is encrypted, hopping anonymously through multiple volunteer-operated nodes before reaching its final destination. Tor is often used by ordinary people to circumvent censorship and oppressive governments, as well as investigative journalists, political activists, whistle-blowers and those wishing to remain anonymous. Proper use of Tor can be complicated and it is not a bulletproof solution, however it provides greater anonymity than a VPN. Warning: Tor should not normally be combined with a VPN.

blacklight447 commented 2019-05-16 17:22:45 +00:00 (Migrated from github.com)

I'm all for this one, it provides a nice balance between describing the benefits of tor while not overselling it as an end all be all solution

If somebody here is able to create a Pull Request with these changes I think we can merge them in.

ghost commented 2019-06-02 07:51:14 +00:00 (Migrated from github.com)

> Warning: Tor should not normally be combined with a VPN.

Perhaps this should link to a reason as to why, like [Should I use a VPN with Tor? Tor over VPN, or VPN over Tor?](https://old.reddit.com/r/TOR/wiki/index#wiki_should_i_use_a_vpn_with_tor.3F_tor_over_vpn.2C_or_vpn_over_tor.3F).
blacklight447 commented 2019-06-02 07:57:33 +00:00 (Migrated from github.com)
Why link to reddit when our community provided content would do :p https://write.privacytools.io/my-thoughts-on-security/slicing-onions-part-2-onion-recipes-vpn-not-required
blacklight447 commented 2019-07-21 10:44:11 +00:00 (Migrated from github.com)

@JonahAragon what would be needed to make this happen, some changes in HTML with the above text in it?

This repo is archived. You cannot comment on issues.