Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Monday April 20 2015, @02:53AM   Printer-friendly
from the why-is-everyone-watching-me? dept.

Ars Technica recently reviewed two "Tor routers", devices that are supposed to improve your privacy by routing all traffic through the Tor anonymity network. Although the initial release of Anonabox proved woefully insecure, the basic premise itself is flawed. Using these instead of the Tor Browser Bundle is bad: less secure and less private than simply not using these "Tor Routers" in the first place. They are, in a word, EPICFAIL.

There are four possible spies on your traffic when you use these Tor "routers", those who can both see what you do and potentially attack your communication: your ISP, the websites themselves, the Tor exit routers, and the NSA with its 5EYES buddies.

Now it's true that these devices do protect you against your ISP. And if your ISP wants to extort over $30 per month for them to not spy on you, this does offer protection. But if you want protection from your ISP, just use a VPN service or run your own VPN using Amazon EC2 ($9.50/month plus $.09/GB bandwidth for a t2 micro instance). These services offer much better performance and equal privacy. At the same time, if your ISP wants to extort your privacy, choose a different ISP.

http://arstechnica.com/security/2015/04/op-ed-why-the-entire-premise-of-tor-enabled-routers-is-ridiculous/

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Monday April 20 2015, @06:03AM

    by Anonymous Coward on Monday April 20 2015, @06:03AM (#173033)

    everything builds ontop of the OS stack.
    if that is compromised or has a back door the best encryption and password are useless. good luck with that million lines of code.
    as for a tor router, sometimes it's just about getting the word out.
    assume you live in repressive state and you have access to the internet.
    along comes a whistlerblower without internet acces but needs to get data/info out of the country.
    you setup a "insecure" wifi accesspoint with tor (no wpa).
    the whistleblower can now connect to it and shovel the data out if the country.
    you as operator you are protected because the wifi has a small range and because it's not possible to blame you for helping the whistleblower (cannot be traced back to your public ip).
    of course a evil person could do this also but if you are the whistleblower you could use a long-range directional antenna from the sniper-like-hidding--in-bushes location to connect to the open wifi and the evil operator would have a hard time finding you.
    obviously you would have to prepare the whistelblower data package beforhand and not surf porn for hours without end : )
    srsly tho, how would one go about saving ones own skin as a friendly wifi operator and not use tor in a repressive state?
    purely technical it IS not completly safe to use a open wifi acces point but if one wants to practice civil disobedience in a repressive state then that's the only way to go: thousand and thousand of open (unsafe) wifi access point that route thru tor.
    tor is MORE then just anonymous websurfing. it can also give you a unique anonymous identity.

    to wit:
    then again, if we are living in a so-called non repressive state why are we hidding? the problem of de-anonymisation should not be solved by clever software hacks but by the law and supra-transparency of goverment?!

  • (Score: 2) by mtrycz on Monday April 20 2015, @12:12PM

    by mtrycz (60) on Monday April 20 2015, @12:12PM (#173107)

    The OS stack is built upon the BIOS and hardware, and both have their own vulnerabilities that can or could not be OS specific.

    ----

    if we are living in a so-called non repressive state why are we hidding?

    IF
        a -> !b
    AND
        b
    THEN
        !a

    --
    In capitalist America, ads view YOU!