Technology
This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.
Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.
Rules:
1: All Lemmy rules apply
2: Do not post low effort posts
3: NEVER post naziped*gore stuff
4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.
5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)
6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist
7: crypto related posts, unless essential, are disallowed
view the rest of the comments
So when I first learned about TOR almost 10 years ago in uni, it was said to be compromised to a significant extent by secret services holding entry and exit nodes.
Is that not true anymore?
I’ve hear something similar. I think I read that the US Air Force has a bunch of nodes or something.
Additionally I don’t really understand what I would use it for if I already have a vpn and how it might put me a risk of legal trouble if I’m using it and someone routes something bad through me while I’m using it…
I’m not even sure how to talk about it.
I am decently technical, I just don’t know this tech.
Disclaimer that I haven’t used Tor in a while, do your own research, etc
The US navy designed and open sourced the Tor network. If all the traffic meant to be anonymous was coming from the US navy it doesn’t work well as an anonymizer. There’s been various claims that they have backdoors over the years, but to my knowledge none have held water.
Unless you’re running an exit node (which requires different software than the Tor browser) other people’s traffic isn’t getting routed through you so you’re fine legally.
VPNs are not very good at protecting you from the websites or services you connect to. They’re best used to hide where you’re connecting to from your ISP. Modern fingerprinting using things like browsing habits, installed software, web browser size, cookies, etc is barely effected by VPNs and the Tor browser takes care of an minimizes lots of those tools.
The biggest issue for day to day use for me is how slow it is. Because your traffic is being routed through 3-5 nodes before getting to its destination overall speed and latency suffer a lot
But can't you just spoof most of that if you really want to? If you're putting in the effort to be concerned with anonymity.
Most operations aren't going to try that hard to fingerprint, although presumably a few will do everything they can.
The problem with spoofing is that in many cases it is even more differentiated than other traffic. If you are the only client claiming to use a rare and defunct browser, it doesn't matter what IP you dial in from. So if you want to be invisible, you can't just hide your fingerprint, you have to camouflage it so it doesn't look anomalous.
For the typical user concerned about privacy from standard actors - as opposed to someone on a most wanted list - one of the more effective methods is to fragment your data. Companies like Facebook and Google create ghost profiles when you interact while not logged in or otherwise identifiable. If you want to use these services more or less unimpaired while preserving your privacy, it's usually acceptable to have all of their data on you split among unlinked ghost accounts as an improvement over them being able to associate the data with your real ID. Spoofing can be a part of that, but if you overdo it then you end up making yourself identifiable again.
I use an app to fake my location data. I think the default is somewhere in the middle of an ocean. It's a pretty safe assumption to all of the corpos out there that my prole ass is not on a yacht in the middle of the ocean. I heard of a map the other day of geolocated activity for a platform. All of the coasts were lit up with activity - including Antarctica. They were being botted, and the bots (I assume) pick a random geocoordinate when interacting... and if that coordinate is in the ocean, the bot adjusts it to the nearest land coordinate. Hence the coasts being lit up with disproportionate activity. Some very smart people, much smarter than me, are being paid a lot of money to find much more difficult signals in all of the noise. Much like Zynga hires PhDs to maximize addiction and profit.
Being a private netizen is like being a pack animal: You don't want to stick out from the pack. That's how you get picked off.
Edit: Tor has a great use case, btw, but I'm not aware of it being a great use case for most people and purposes.