How risky is browsing .onion links with firefox with TOR proxy and uMatrix with disabled scripts globally?
How risky is browsing .onion links with firefox with TOR proxy and uMatrix with disabled scripts globally?
Riskier than just using the Tor Browser Bundle at the maximum security setting.
What's the riskiest click with tor?
From my understanding it is not so much risky ala getting pwned through the browser but you become identifiable by browser fingerprinting. Same reason you are not supposed to add addons to the torbrowser since it makes you stick out
How risky is being a Formula 1 racer and heavy metal rockstar?
it's Dave Mustaine that's from Megadeth
Very, your browser sends its plugins in the user agent and you can be identified like that. Use Tor Browser
It is a fucking botnet you faggot. Same with tor browser as it has built in fingerprinting via dns leaks and webrtc/canvas fingerprinting. Lurk moar.
What's the Tor Browser UA string?
A lot more risky. Don't do it, I've heard some .onion websites deploy browser exploits, usually through javascript.
Who is retarded enough to keep JS enabled?
Believe it or not, JS was designed to to add functionality to a webpage that can't be done other ways.
Some Firefox on Windows, but it's not the only thing that could fingerprint you.
Why would you not use the Tor Browser Bundle?
triggered
Really because I thought it was mean to make everyone's lives miserable.
...
t. complete retard
ebin
Actually OP, I was a retard and didn't totally read your statement, but my statement still stands.
Disabling JS globally is good, but still don't do it without the TOR browser.
Firefox probably has a lot of background metrics, connections, etc going on. The TOR browser is properly configured to prevent that by default.
It's much 'safer' to use Tor browser with javascript turned off. Then you're just one more guy using Tor browser as far as the honeypot operator knows. Otherwise you're 'that one guy who uses Firefox with umatrix and other unique identifying quirks'. Also, ignore Agent Fud's idiotic poopoo about Tor browser being the ultimate insecure botnet. He gets paid to say that at least once in every security/anonymity-related thread. What an ass...
Yeah, you pretty much wanna blend in with the herd and since most people just use tbb, running that stock out of the box with js disabled is your best bet. Maybe layer it with a vpn but I don't really think it would make a significant difference. using uMatrix when it's not a default add on singles you out and makes you way more identifiable
So? Keep it disabled by default and whitelist sites on an individual basis.
Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0
Child porn, obviously
there's a lot of parameters to take into account.
If you want ot use the Tor networks with another browser you need to make your browser look like it's the tor browser.
Icecat is maybe the only one that is close enough to have only a few modifications to do.
But you absolutely need to disable Javascript otherwise they'll know that it's not the Tor browser.
Aka you need to blend in the crowd.
It depends how umatrix is configured.
If you allow script then yes they'll now that you use umatrix.
This
Not if you block/disable JS
It's Tor, not TOR.
Don't give away the shibboleth