It's highly discouraged to add further add ons on Tor since you will be more easily fongerprintable.
The only thing you should change on Tor are security settings, nothing else.
this post was submitted on 26 Sep 2021
14 points (100.0% liked)
Privacy
33156 readers
803 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
It makes sense for it to have a built in ad-blocker. Any idea why they don't do that?
Hi! It doesn't make sense at all. Blocking ads & trackers is not a good approach to achieve privacy. It's quite weak actually for many reasons..
First of all, because enumeration badness doesn't work; it's not possible to create a list of every possible "malicious domain". And even if it was possible, websites could develop their own first party tracking and then share the information to third parties like Google or Facebook.
Second of all, because apps and websites can detect what domains are blocked, thus they -or malicious actors- will able to uniquely identify users more easily.
Third of all, because extensions add more attack surface since they use privileged script in order to work.
That's why Tor doesn't use any ad-blocker.
For more information about enumeration badness and browser tracking you can see here and here
For more information about enumeration badness and browser tracking you can see here and here
and here
https://madaidans-insecurities.github.io/browser-tracking.html
Madaidan FUD detected once again.
I can totally see how Madaidan can cause fear, uncertainty, and doubt. When I read, for example, his criticisms of Linux, I felt not only that, but also disappointment. You for sure have good reasons to dislike Madaidan and either GraphenOS or the Lemmy GrapheneOS community. But I don't know them. Could you explain a bit why Madidan and GrapheneOS (or it's Lemmy community) are problematic? Your answer would help me see what you see :)
https://lemmy.ml/post/73800/comment/66774
Read above comment chain comments too
Edit: the grifter is making claims about
And please, don’t listen to TheAnonymouseJoker. He is known as a troll in basically every privacy community
Here, "every privacy community" refers to NoGoolag and SpiteChat Telegram/Mtarix rooms, both places where madaidan is an admin and his entire pack of extremely racist people shitpost all day. It may also refer to r/privacytoolsio, where blacklight and madaidan seem to be close, toxic friends that call each other for brigading anyone who criticises them.
The only FUD around here is you @[email protected]
Surely not gonna take the words of [email protected] moderator, are you, readers? This person moderates the GrapheneOS community here.
I would like to tell you that you even begged for moderating TheHatedOne and GrapheneOS communities here. Reveals a lot about you more than me.
Requesting is not begging, hence the purpose of c/community_requests
You seem like an angry person replying out of hate. I'm sorry for whatever it is that happened to you to be this way. It doesn't give you a right to attack, harass and bully people.
Quite the leap there, with the abuser claims. Be careful with the projection and the sarcasm, it might burn you a little on the inside.
You are just revealing about yourself as you continue to reply to me.
It makes you a bit distinguishable from the people who don't use an Ad-Blocker. It won't be enough to identify you, but it does add to your digital fingerprint.
silly comments. Tails is using ublock orgin for Tor browser they ship with.
"Don't use Tails it ruins your OP sec" lol.
A difference is that Tails includes the uBlock Origin extension, which removes advertisements. If an attacker can determine that you are not downloading the advertisements that are included in a webpage, that could reveal that you are a Tails user.
https://tails.boum.org/doc/anonymous_internet/Tor_Browser/index.en.html
Here's the thing tho, u block might be good for your threat model. Depends what it is. any way if you are surfing clear web you got more serious opsec concerns.
Hi.
I think i didn't explain myself because this is happened before.
The point of the comments I wrote are not aimed to say "don't use ad-blockers" or "don't use Linux" and so on. What I'm trying to do is "fight" the misinformation spread by certain people about these topic.
Now, while people should act according their own threat model, they should also be aware about the possible pro and cons about every software they eventually are going to use.
I'm not an expert, but in my understanding privacy is not something you can easily achieve. Browser need to carefully develop actual features designed to protect users's privacy, like Tor browser does.
Installing a bunch of add ons aimed to "blocks ads & trackers" or *spoof user agent" will make you stand out more from the crowd.
Then if you're comfortable with that it's up to you. Again, there is a big difference between be aware about something and then act accordingly and be in denial mode and accuse people to spread misinformation beside the reliable sources linked.
I personally use ublock on my desktop browser because I don't like to see a page filled with ads & tracker and I don't care about stand out from the crowd.
Please, let me now whether I made that clear or not.
no it makes sense
Ok, thanks! :)
99% people have zero idea when they give advice using buzzwords. These people are either spreading misinformation, or are grifters (few of them).
If uBlock Origin is creating more attack surface, being a highly vetted, open source addon for REDUCING attack surface, that should tell you about advice you should be taking from such idiots.
I am one of the main people who has brought back focus on threat modelling and opsec, and I am glad that it is also differentiating the grift from the good advice, and not just guiding everyone towards a less tinfoil, more saner path to privacy.
Tails uses it so it souldnt affect your anonymity too much.
Don't do it it makes you stand out and ruins your opsec just use noscript
i would say use it.
but if you want to blend in perfectly then you should be doing what most people do.