Is Tor completely compromised?

Bump

Its rated as "Catastrophic" by the NSA.

"non-public" tor exploits.

The way to fix this is running a web browser on a seperate VM in a isolated PVLAN and routing all its traffic through another VM running Tor. That way you can still use javascript which is required for most websites nowadays.

I just use it for torrent and porn, 8ch's onion is slow fuck that.

Most of the time it's fine, if it's slow try switching tor circuit. Bigger issue is that it doesn't actually fully use .onion domain anyway, it needs to connect to softserve.8ch.net to get some JS (e.g. for those reply links next to post number).

...

99% of the time it's always a javascript problem.
So just don't use javascript.

I was going to say
But it seems I was too late

tor was safe until firefox spaghettified the esr

How and when did that happen? Wasn't it always designed in a spaghettic shape?

Exactly. If I am alphabet soup and want to pin something on someone but can't see anything other than random noise as their Internet traffic, it is in my best interest to convince them to switch anonymity schemes in hopes that they wind up on a less secure system.

It is widely known that you shouldn't torrent over Tor, unless you're just using it to get the magnet link itself.

The answer has always been that there's a small probability of your circuit being totally fucked. If you think "any probability" is too large for your use case, then you don't have a proper threat model, and should focus on graduating high school instead of being a paranoid, delusional autist.

There's also the problem of your ISP being able to use your metadata to determine that you're using Tor at the same time, but such information is only useful to law enforcement when they're doing specific targetting. Tor's answer to this has always been "run Tor 24/7" which is why the Tor Browser is a shitty solution.

Other than that, if a nation state actor with enough money is targetting you, you're probably fucked.

Why do we need to have this thread every month? Stop listening to retards who don't know what they're talking about.

I think the tor process running as a node by default throttles connections that try to transfer huge data. In practice that looks like your speed considerately dropping after a certain time or transfer size is reached, then it stays mostly stable at that speed. So even if someone tries to download huge files over Tor the nodes will automatically prevent it from suddenly slowing down those nodes to a crawl. Although if everybody downloaded huge files at the same time it would still slow down the network just the same.

People having different browser setups is a bad thing because it makes it easier to track people.

Where did you get 98% from?

tor browser inherited firefox botnet defaults plus the dev team is infiltrated following the appelbaum and feminist fiasco

You should get an old unused or anonymously bought non-botnet HSPA/LTE modem and only buy/load the SIM cards anonymously. Strictly for anonymous usage only and you should be fine.

Using Tor while on legal subscription to ISP is suicide.
End-to-end anonymity or btfo. You can also contact illegal retailers of ISP equipment (mostly modems) or if you're so pro you could go ahead and hack that old ADSL cable if your ISP hasn't upgraded to botnet fiber lines (yes fiber is usually botnet because the web CPE is virtual and not from the equipment itself)
considering the fact that most ISPs nowadays log your data usage (thanks net neutrality and reddit) it literally means they have logs. I suggest you find an insider and get illegal equipment or info.

No it would not. With torrenting you make hundreds of connections to different peers which hurts the network.

There was a news story recently about Danish police catching people buying guns and drugs on tor.
I saw a lot of people talking about tor being unsafe because of that.
I read into the story, and it turns out that the Danish police just monitored suspicious Bitcoin wallets, looking at the blockchain to prove that people had payed for what was sent to them.
So it ended up being people, who's wallets they had identified as belonging to them, couldn't just dismiss confiscated items as sent to the wrong person.

Looks interesting but I can't find anything about it anywhere else.
The official release date was just a few days ago but has it been audited yet?

Depends on how you use it. I use only Tor Browser and I leave it open, use it for listening music, etc. So it's constantly making connections. Even if you leave it idle it will make connections to refresh entry guards list, microdescriptors, etc.

your solution no longer applies in Poland since a couple of months, the government basically banned anonymous sim cards and now you have to provide your personal information even for pre-paids

it could then happen to the other countries as well

Lately whenever I connect to Tor, I keep getting the same access relay. No amount of computer restarts/"New Identity"/circuit changes/etc. will change it. The second relay and exit node change, but never the first relay. Is there any way to manually change it?

You wont expose if you don't use JavaScript and use libre plugins.

If you say so NSA

Get out you stupid cunt

That's always been the case. Keeping the same relay for a few months (which is what Tor does, and has done) is statistically safer than a new access relay on each circuit.

Since a lot of people are disabling javascript, attackers will start making exploits that don't need javascript.

Yeah, it's harder to make relieable exploits wthout scripting, but when they are paying lots of money, they'll have no problem getting them.

Sounds like a honeypot to me.

geekslop.com/2015/catching-pedophiles-running-secret-dark-web-tor-honeypot

<img utl=my.honeypot/markup.css>

css and images can be exploited many ways.

Yeah, that was in 2013 when they took over Freedom Hosting and ran them for about a day.

Freedom Hosting hosted thousands of sites. Over half of all onions were hosted there.

And they didn't make any content available. They used a down for maintenance page that contained a javascript exploit.

Normally, I don't care about FBI operations against child porn sites, but they fucked up and embedded the exploit on EVERY freedom hosting site, whether it was legitimate or not. In the warrant, they were only authorized to deploy exploits from about 20 sites, but it affected all FH sites.

In the 2012 Operation Torpedo and 2015 Playen operation, they actually ran the onions for 2 weeks, with actual CP available.

It's the exit node that can give you away. Alphabet agencies run exit nodes to discover you.

To correlate traffic, one malicious entity would need to run both the entry and exit node in your circuit. And in the real world, trying to correlate traffic results in many false positives.

A malicious exit node can snoop on non-https traffic or try to do MITM attacks.

If you look at actual data, the exit relays that make up most of the exit probability are run by known entities or non-profits. But someone like the NSA doesn't need to run relays, they can get the same information by monitoring most of the Internet. The NSA shouldn't be in most threat models.

ITT: pedoshits deluding each other into thinking that they're safe

Um no, pedophiles are the least safe group on Tor. Pedophiles are the only group that has been repeatably targeted with mass browser exploits. If you're a pedophile visiting hidden services and Tor Browser is your only defense, then you're doing it wrong.

ITT: shills trying to persuade people to not use Tor with no evidence

...

I think the safest answer is:
don't blindly listen to anyone and take the time to do your own fucking research.

…that's assuming you're capable of doing it.
and if not, you're not gonna be safe anyway, it just ain't that way. protection requires always thinking.

But how can they correlate traffic when I have data coming and going through multiple circuits at the same time?
Let's say I exit at nodes A and B and the NSA controls both. How do they know a certain connection though A and another one through B comes from the same origin in order to calculate my total traffic?
If you throw node C that they do not control into the mix, then it becomes impossible for them. My total traffic is A+B+C, but they can potentially only see two of these.

but they have the vast majority of exit nodes, and they monitor the rest
On their nodes, they can tell when a certain packet is going through because encryption doesn't stop packets from hiding the time that they left your computer and the destination.

maybe I'm wrong, but that's how the information got to me last time I looked it up

I still don't get it how they can tell that my connection through exit node A comes from the same origin as another connection on exit node B. Say I stream music through tor while browsing multiple websites. How can they trace all these tor circuits to me even if they control all of the exit nodes?

WTF I HATE TOR NOW

this distro needs to be more exposed to the world. alternatives are always good.

tails seems to have listed it on their wiki as well:
>tails.boum.org/doc/about/acknowledgments_and_similar_projects/index.en.html>>726073

i failed pasting...*facepalm*

tails.boum.org/doc/about/acknowledgments_and_similar_projects/index.en.html

in any case, heads seems to be worth a shot and looks more secure than tails from what they say

That's questionable, in the case of Tails. The more other users exactly like you there are, the more you benefit.

if you use tor browser in heads or tails there should be no difference for being fingerprinted

also on both systems the traffic is completely routed through tor so they behave the same way

Not only users but maintainers and contributors as well. Popular distros with strict maintainer policies and lots of maintainers have an enormous advantage here.

Tails installs ublock origin for some reason, which makes Tails user distinct from regular Tor Browser users.

well you have to start from somewhere, no? the distribution is very fresh

That's in the ideal case, but Tails plans for less than ideal cases. It's more than just a system that routes everything through Tor, it's amnesiac (that's the "a" in its name). It assumes that there's a real possibity of information about your system leaking and guards against the dangers of that by making your system as similar to other users' systems as possible every time you boot. That's why Tails is stronger than just the Tor Browser Bundle.

I tried Heads on qemu and the Tor Browser there seems pretty vanilla to me.

How can a live system not be the same as every instance that is booted?

But this is great as it makes me look like just another Tails user (fingerprint tests actually detect me that way) instead of "that guy that installed ublock origin in Tor Browser". Also, ublock origin is considered to be included in Tor Browser itself, some devs support the idea.

btw, you should disable javascript in about:config, the tor devs have heard rumors about methods to sneak javascript past noscript.

Putting the hypervisor between the VMs and rest of the network on a logical diagram is an interesting choice.

Just imagine i run a entrynode, but on the entrybox-pc i block all other middlenodes that are not mine, after i connected to circuit obviously, except few of my personal middlenodes still can talk (for a while), on some vps, on that vps-boxes i only accept connections from my entrynode(s)... jadada to my exitnode. If i can force you to use my entrynode your basicaly fucked!
This is just a theory, not sure if possible in IRL.

I wonder if Tor Project runs some monitoring tool to test if entry nodes limit circuits. Not every entry node is considered a good guard, but I don't know if the testing period involves some actual tests or do they just have to stay up for a certain time.

I really hate the boxes other companies use to denote a hypervisor boundary. Especially since with multiple hosts, VMs can move around automatically with things like VMware DRS.

I'm alright with depicting a hypervisor boundary, but a single box for the whole cluster tends to make sense, not each host.

Granted nowadays, there's so many VMs per host you're never going to fit them all onto a single diagram unless you're some kinda masochist.

this is a reminder that if you're using a circuit where the entry node and exit nodes are run by the same person, they can deanonymise you with traffic analysis. in the same vein, the TAILS OS doesn't persist tor states meaning your chances of using a bad entry node are exponentially greater compared to if you just used normal tor browser.
this is also a reminder that you can deanonymise hidden services by ddosing the fuck outta them until they use a circuit made up completey of nodes you own.
this is just the surface of problems with tor but im safe because i use i2pd (c++ version of i2p). it's top tier, no sjw shit, and the devs dont think of their users as braindead retards.

|
|>
|
|3
|

You can still buy a starter registered to a strawman. There is for now no law against buying/selling/using SIM cards registered to other people.
Szukaj pięciozłotowych starterów w cenie ~25zł na Alledrogo.

If you say so, officer.

I torrent over Tor all the time!

I actually torrent over Tor and spin up another torrent everytime I see some retard spouting the 'torrenting is bad for tor meme'. The only 'bad' thing about torrenting over Tor is that uses a lot of CPU on the node. And the meme that your torrenting client won't use Tor is dumb tbh. All you need is an HTTP tracker to torrent over Tor. Try it, user!

Haven't seen any proof of a reliable attack at normal traffic volumes. Have you?

...

Are you aware that Tor doesn't support UDP?

better unplug from the internet altogether.

A majority of the anti-Tor posts are just generic ad hominem one liners with no technical explanation, as usual. The only attack that fucked over notorious Tor users were evil bridges (think early Arab spring) Comp'd VPN companies in the chain (hidemyass) and fucking retards who use their personal info online, like their email (silkroad). Also you have cases of people downloading malware, trojans, or whatever without using a sand-boxed VM, but tor is irrelevant in this case.
Timing attacks is a sound theory but this gets mitigated if you updated frequently and use whonix as opposed to meme-tier browsers.
The biggest threat I can think of would be bandwidth fingerprinting, as in the bandwidth transmitted between your router and an ISP being matched with bandwidth leaving a tor node, which even then you can obfuscate by using torrents, something I see shilled against oddly.

...

Tor: 50% that somewhat compromised 50% that not
clearnet: 100% chance that compromised

Yes but I think most exploits were javascript exploits. Finding one for html/css parsing or rendering would be way harder.

And that will defeat anonymity as they all will be heavily fingerprinted.

98% of Tor users who would visit that FED website or use their exit node. That would be more like 1-5% users in true scenario, the exploit would be immediately fixed too.
Also, even if that exploit would work, it would only prove that you visited that website, or post something on it. It wouldn't steal your past browsing history. Browsing clearnet gives 100% of your past history to government without any exploits.

Even good non-microsoft software Firewall could work. The exploit used might not be able to pass that firewall, since there is dozen of different 3rd party firewalls.

Why would you use JS on Holla Forums?

How is it shitty? Are you trying to say you don't use browser 24/7?
Even if you shutdown/hibernate when sleeping that will only mark 10 hours when you don't use Tor.

They don't have enough money to target all of us. Using Tor raises hugely money they need to target people. Without Tor they just go to your ISP who stores all of your history for past years.

Using internet without Tor is a suicide. Using Tor on subscription will only mark you as Tor user.
If you use clearnet and then visit extremist websites like Holla Forums or stormfront etc they will mark you even more.

Do you even know what net neutrality is?

Exactly. You can just configure any application to use 127.0.0.1:9150 socks proxy. Firewall is recommened to prevent leaks (especially DNS leaks).
If application doesn't have socks config you can force that with applications like sockscap and similar.
Or can use computer in Whonix VM and run all software there, but it has many drawbacks.

That's good, seems Tor is already working, requires them to use way higher funds to deanonymize people.

That seems stupid. How would they prove someone actually wanted to get child porn from there? Maybe a person just clicked a link to that onion site?

So it's another shit like Linux that will be used by few people who can afford to read manuals for 15 hours a day?

The problem is crap torrent clients will send your real IP address in packets.

Random MAC address + cantenna + Starbucks

So what are some tor-friendly torrent clients that I can run outside of VM without getting paranoid? I rarely use torrents but I feel really uneasy when torrenting over clearnet.

I don't use Tor, but I think it has a wrapper that lets you use any browser you want. You could even use just a barebones Lynx, with all features you don't want/need (cookies, etc.) stripped out at compile time.

You fucking autist, you don't torrent over tor ever.

blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea

Also if you've torrented something pirated with your real IP address before, this does not make you "anonymous", stop acting like a special snowflake.

Calm down you fucking hysteric, I know you're not supposed to torrent over tor. But if you take everything Tor Project says absolutely literally without any nuance then you're precisely the kind of idiot user they have in mind when they threat their users as idiots incapable of thinking for themselves.

No, the reason the Tor Project does not want you to torrent is because it is not designed so any different use its not designed for will not make you anonymous you fucking tard. Use software that is designed with torrenting in mind. For example I2P or better yet use tor to connect to a VPN.

You do realize that your torrent client blasts your bare ip to everyone revealing your ip thus deanonymizing you immediately, right?

Summer comes too early around here.

That's called a leak. It can't happen IF you are able to completely torify your client. Running any torrent client in a Whonix workstation wouldn't leak your IP.

It is not a leak it is designed into torrent clients. A leak isn't intentional. Learn the meanings of words before you use them.
You are right, it would not leak it. But it would post your bare ip as designed, thus deanonymizing you.

Seriously, I see this shit everywhere, but where does it come from? Net neutrality as a concept just means your data receives the same priority as that of large companies, did they worm some spying shit into the legislation for it?

My problem with tails is that ignores the benefits of security through obscurity, if someone were to write a Tor exploit, they would only need to attack Windows and TAILS instead of Windows and all possible linux distributions. They won't need to worry about grsec, they can gaurantee the existence of systemd, and they know the exact kernel version. TAILS makes a very easy target.
I'm not shilling against TAILS, but if you have the technical knowledge to set up something like a dedicated OpenBSD Tor box, it would be far more secure.

tpvj6abq225m5pcf.onion/pub/torproject.org/download/download-easy.html.en

Same argument is generally said about Tor browser. The reason why everyone should be using the same thing is anonymity set - if you use something custom without really knowing how decloaking is done, you'll most likely stand out. Remember that the "herd" you argue against is the same crowd you're hidding in. If you wear different facemask, you're no longer anonymous, you're uniqely identifiable - you're "that guy with different mask".

This is considered much larger risk than the monoculture. The danger of targeted exploits is very real of course, which is why you should always run tails in a VM, not on bare metal - especially if said metal also contains something sensitive. However thinking that diversity would help you is generally wishful thinking. You mitigate the global impact with diversity, of course, but also expand your attack surface (2 different codebases = twice as much possible bugs). As for thinking that openbsd has smaller surface than locked down linux, that's downright delusional ideology rather than something based on facts.

The reason why linux is chosen is features and flexibility of the system. For example BSD stateful firewall (pf) is very primitive and routing traffic through there is problematic,

Other problems are - BSD has almost nil foreign filesystem support, less of hardware support and finally, less people are familiar with it. As for supposed OpenBSD security when comparing it to linux locked down to similiar level, veracity of such claims is often in contest given the history of Theo actively being in denial (if not outright lying) about existing exploits.

What does Tails need that pf can not do?

OpenBSD supports more hardware than Tails. tails.boum.org/doc/about/requirements/index.en.html:

OH SHIT NIGGA. I KNOW. I was there. THERE WAS A FORUM EXPLOIT THAT SOMEHOW KEPT USERS INFO AND KEPT THEM LOGGED IN REGARDLESS OF BROWSER SHUTDOWN. There were so many fags freaking out. The thread was funny.

** Now they're lazy. They just use a surface web website with .webm cp downloads. You have to sign in to download the full vids which have been passed down to many onion chan like boards.

OH SHIT NIGGA. I KNOW. I was there. THERE WAS A FORUM EXPLOIT THAT SOMEHOW KEPT USERS INFO AND KEPT THEM LOGGED IN REGARDLESS OF BROWSER SHUTDOWN. There were so many fags freaking out. The thread was funny.

Now they're lazy. They just use a surface web website with .webm cp downloads. You have to sign in to download the full vids which have been passed down to many onion chan like boards. No new content.

Nah if tor was compromised shills wouldn't waste their time spreading FUD about it

False equivalence. You're comparing apples to oranges.There's no live openbsd comparable to tails.

In case you're not baiting, simply compare on equal grounds Debian (tails is simply customized debian) vs OpenBSD.

And now you are just talking out of your ass, pf works fine for routing/Tor or whatever you want to do with it.
The only reason is that Linux is easier to maintain than *BSDs on it's own, you can easly fetch the kernel from source or just use precompiled stuff, you have ports on *BSDs you need to compile which isn't really great if you want to maintain something like Tails hence why Gentoo wouldn't really work for a Tails or Whonix like setup ( unless you maintain your own ) because you would have to bother people with compiling when there are new updates ( unless you give them binaries but that requires more infrastructure ).
And Linux desktop is shit for security, your best bet is using PaX/grsecurity and building your own kernel + userland and turn everything you don't need in kernel off.

How do you mark connections by country or process? You can't. How do you account data transfers per user, per IP? Awkwardly. How do you create separate VRF on BSD with separate NAT rules? You can't, OpenBSD doesn't even have a concept of network namespaces. How do you implement FIB-aware NAT? You can't. How do you L2 firewall between two bridged segments? You can't. How do you rewrite NB/ARP between segments? You can't....

I've had the pleasure of trying to bend OpenBSD to do what a Linux box did before on multiple occasions. Sometimes it was extremely awkward, sometimes it was simple, nice and worked really well, and sometimes it was simply impossible to shoehorn it to the narrow view of BSD way of doing things.

Because pf/ipfw aims for simplicity and consistency both in use and implementation, and getting severely limited in flexibility as a result. This is a choice made by BSD in general. It makes BSD consistent, less haphazard and more stable, but also limited in suitability for tasks not anticipated by the original design - usually everything other than simple dumb servers and nat/router setups.

Every time I throw at openbsd faggot something bsd cannot do, they start screeching autistically "theo would never allow this", "this isn't what openbsd is supposed to do", "you don't know what you're talking about" and so on. But that's the whole point - linux is far more flexible, bsds are far less (especially openbsd which is proud to be retarded as a purported feature).

You do realize pax predates openbsd. Again, because it was simpler to hack it on top of linux. Linux kernel is not designed to do things "right". It is designed to make hacking things into it *simple*.

This is bollocks. You can snapshot ports world state to a target. Most BSDs have a full desktop livecds built this way, tails is pretty much a livecd (with Tor setup built in). Granted, OpenBSD is the only BSD which officialy wrote off official desktop livecd - for retarded argument like yours, but that didn't stop people doing it separately anyway.

Wrong. Source code can easily be fetched using cvs. You do not need to compile ports, there are pre-compiled packages.

Nope. The first release of OpenBSD was in 1996, the first release of PaX was in 2000.

Autism bait. It wasn't until 2003 when theo finally reverse engineered NX and ASLR in PaX and backported it to openbsd.

It's not too far out there to thing the alphabet agencies would go through the trouble of controlling enough node to deanonymize at least some percentage of TOR traffic. They have the means an the motive.

Sounds like you have something to prove. You want to kill OpenBSD is that it? Are you mad at it? It sure sounds like there's an emotional issue at play there for you.

That is different from "pax predates openbsd". Originally nothing was said about NX and ASLR.

A table should work for country.
Use user and group instead of process.

rdomain and rtable

start using freenet, losers.

Fuck off retard

Being anonymous is about blending into the crowd. Ublock origin is normie tier now, look up the amount of downloads on both the firefox store and the chrome store, several millions now.

Not a single mention of Tor booting Jacob Appelbaum out (staunch privacy advocate at any cost) and the death of their old CEO Casper (possibly by CIA) and installing a new CEO who's a complete SJW (pro censorship). Not to mention Roger being cucked to a SJW and owing money.

Yes I'm an ex insider and contributor. You want more juicy shit, look at the timeline of the death of Debian's founder. Tor is fucked now, and so are many distro's. Cap this, hold what I say into the light, remember it, its accurate I promise.

...

So Tor has pretty much been taken over and is controlled by the SJW cabal who wants to catch all the free thinking anons left? So NSA was just a distraction all along?

Yes, Tor was real for a time, and although it is open source, they still have data that can map users, they also control the bridge lists and can shut off relays. If u want to do dodgy shit use for on tails or other ramOS, from a location other than your own (coffee shop, MacDonalds etc) and stay out of sight of cameras, and don't take ur fucking phone, its pinging cell towers every second and u will be swept up by them or FBI/DOD etc with their own stingrays

They can control the network and shut down relays but unless they basically shut down all tor nodes other than theirs they couldn't track you themselves.

Don't try to distract me with your lies about NSA, SJW shill.

Wait I'm the SJW shill? Fuck you! Let me tell you I used to love attending defcon and the CCC (German hacker conference in Hamburg) before it got co-opted by SJW's. Every talk became political. I used to hang with a bunch of well knowns there. Want proof? Check pic, I hacked their lobby board with trump memes when I realised I was never going to attend again. Tineye that shit, its original. U stupid fuck, I'm trying to warn ppl and help and u want to sit there and call me a SJW, that which will ruin the next 100 years of freedom? Give proof or fuck off, IM REAL

Here's another, there were sum absolutely butthurt fags, they shut it off after

And finally they shut it down lol

kek, and I was thinking he may have done something interesting. Almost makes me think whoever wrote this did it with the specific purpose of making me relax my precautions.

Yes. You disable UDP communication. TCP-only.

Ideally, you find a client that uses a different DHT (UDP) port than the client's TCP torrent port, then your client will only 'leak' by DHT-search. Is it illegal to only DHT-search? How do they know you joined the swarm as a client?

fucking KEK

isnt this what qubes tries to accomplish? also you can tunnel tor through vpns pretty painlessly.

lel

Still it's a better solution than a vpn or nothing right now.
placing my bets on the Gnu network for a viable long term replacement

If true nice hack
If false still a nice hack

And that's how you kill the hacker community.

Are all the conferences politicized now ?
When I see the 33C3 some of them are indeed SJW but not all of them are.
Or is it really rampant like 95% of the people have been baited ?

Anyway the community needs to stop fucking around all this political nonsense and see what the CIA (or other) have don and enjoying the Discord they have unleashed.
I don't know how it can be done.
I see some SJWs I wonder how can I even convince a fantasized person to just listen an argument.
It's even worse when you see the number of people who drug themselves in the community.
Sometimes my paranoia wants me to believe that SJWs are just CIA implanted people with some sort of MKultra modern shit.

If nothing changes I give two years before the hacker community dissolves completely and the gnu project is either disbanded or over taken by SJWs.

Stallman give us strength.

Not paranoia if it's true, and not that much different than they've been doing since the '60s with COINTELPRO. I think SJW's are a mix of planted agents and cult tactics used to program the rest into becoming useful pawns.

Fucking LEGENDARY my dude well done

Which distros are fucked now?

Yes

Source?

Tor is ran by the Chinese agents

sudo su
killall tor
rm /var/lib/tor/*

Every time you need a new entry. Don't let the Torah network control you.

yare yare

The hacker community was already a gay piece of shit full of fedora tipping faggots. SJW shit - while bait and very cringey - doesn't matter. The hacker community are the faggots who embrace the cock of CloudFlare in their mouth, which is the one thing that is and has been killing tor for the past 5 years.

Is it the 1980's again Reptile-overlord Reagan?

Tor is shilled by pedophiles

Nah, they (and their opponents) switched to freenet a couple of years ago.

That is a bad idea.
torproject.org/docs/faq#EntryGuards

Not if you need a new circuit, fam.

Don't fall for the (c/n)2 meme. The Torah Project isn't a friend of the people.

sudo su
killall tor
rm /var/lib/tor/*

DO IT, FAGGOT !

just the nature of net neutrality means you have to give someone the authority to regulate the internet and deny an individual from voluntarily engaging in a contract that they want to, and obama's net neutrality gives that power to the fcc. all 3 of the major proposed plans give lotsa power with lotsa leeway. in theory i suppose there could exist a net neutrality that i would be fine with, but any accepted law will really just turn the big business v big government angle into big government vs consumer. its like 50% screwed vs 100% screwed. it might be worth it if we didn't currently have government enforcing monopolies like comcast and only had the natural barriers of infrastructure in place for a new company, but its suicide here

This is the most incoherent criticism of net neutrality I've ever seen. It also doesn't even remotely address the question in the post being referred to.

No.

if its about privacy follow these steps
1. get some completely open hardware, thinkpads can fuck themselves. all new intel/amd maschines are compromised.
2. get qubesOS and learn to use it securely
3. get an open router firmware like open wrt or DD WRT. both these systems support VPN redirection over the whole network.
4. make use of qubes disposable VMs. every session you start make a new disposable VM.
5. don't download binary applications. compile from the code yourself. this ensures WYSIWYG.
6. your VMs should be BSD or SElinux based as they are security oriented OSs.
7. follow opsec. you shouldnt even be posting on imageboards
8. host your own email.
9. use the Lynx browser. it forbids anything but raw HTML. you can use Lynx in Vim if you like too.
10. when powering down your computer do it by causing a kernel panic. you can do this by pulling the HDD/SSD out and putting it back in. when youre done remove the power from your maschine just incase its compromised
11. put tape over your webcam
12. your hardware should be ARM based. its the best supported architecture that still has modern powerful hardware and isnt compromised.
13. get used to computing being a pain in the ass

also start data hoarding it will help you cut your entertainment sources from major botnets like youtube and netfucks

I will never stop being butthurt about (((tor project))) dropping the nice standalone process and forcing everybody to use their pre-packaged botnet browser.

t. Agent Fud

Then you'll have to fsck all partitions at bootup. What's the point anyway?

are you some kind of turbonormie? even normalfags use torrents and other shit. netflix is completely retarded and isn't even comparable to jewtube. jewtube (ignoring their massive purging of "non legitimate" content and blocking 290/300 countries from viewing every video) contains products of hundreds of cultures. netflix is just some tiny selection of videos you have to pay a subscription to access and they aren't even sought after videos. if I wanted to watch a movie for some reason, chances are, netflix wouldn't even have it. my parents use netflix (i have no fucking idea why) and it's a broken slow peice of shit that can't do VSYNC right

If you use that "Tor Ez Start Kit" packaged with an old Firefox build, you are definitely compromised. Just code your own Tor client, run everything through a VPN for extra safety, and you should be fine.

What's wrong with using it if you check the signatures first?

Firefox ESR is secure and is trusted by several enterprises. Beyond Firefox ESR's own security, the Tor Browser Bundle includes several pataches and configuration changes meant to increase overall security and anonymity. Rolling your own Tor would be signficantly more risky than using software with hundereds of eyes constantly observing it.

VPNs bring no real extra security to the table. Use something like proxychains or public wifi if you're concerned about IP-revealing zero-days (protip: Disable JavaScript/SVG rendering)

Nothing.

Pics or it didn't happened.

You obviously don't know what you're talking about, and shouldn't be giving 'advice.'

That's hysterical.

And you are completely correct about Applebaum and what has happened with the TOR project. The anarcho-feminist bullshit that has been slipping in, paired with them even re-stating the TOR project's stated mission to one of Social Justice makes it abundantly clear to anyone who is paying attention, that the TOR "devs" would hand everything they had over to the NSA in a heartbeat if somehow it was discovered that Trump was looking at kiddie porn over Tor, and they wouldn't even think twice about it.

I heard from a secret inside source that they already have given NSA everything they have. Here is the top secret dump of the contents they provided: gitweb.torproject.org/tor.git

Firefox and Chrome ARE the exploits, mang. Pilling mitigation on top of those bags of bloated crap is like trying to use virus scanner on Windows. In the end you're better off to avoid the whole thing altogether.

ain't_clickin_that_shit_nigga.dbl